@loopback/testlab
Advanced tools
@loopback/testlab - npm Package Compare versions
+8
-8
| { | ||
| "name": "@loopback/testlab", | ||
| "description": "A collection of test utilities we use to write LoopBack tests.", | ||
| "version": "7.0.2", | ||
| "version": "7.0.3", | ||
| "license": "MIT", | ||
@@ -47,12 +47,12 @@ "main": "dist/index.js", | ||
| "should": "^13.2.3", | ||
| "sinon": "^17.0.1", | ||
| "supertest": "^6.3.3", | ||
| "tslib": "^2.6.2" | ||
| "sinon": "^18.0.0", | ||
| "supertest": "^7.0.0", | ||
| "tslib": "^2.6.3" | ||
| }, | ||
| "devDependencies": { | ||
| "@loopback/build": "^11.0.2", | ||
| "@loopback/eslint-config": "^15.0.2", | ||
| "@types/node": "^16.18.96" | ||
| "@loopback/build": "^11.0.3", | ||
| "@loopback/eslint-config": "^15.0.3", | ||
| "@types/node": "^16.18.98" | ||
| }, | ||
| "gitHead": "06b27e1b47cea48b54280e5590bb165e11fbeb10" | ||
| "gitHead": "b0e4a869679b8bb4ca2c48c233348d582dd4752a" | ||
| } |
New alerts
Network access
Supply chain riskThis module accesses the network.
Found 3 instances in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 2 instances in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Fixed alerts
Network access
Supply chain riskThis module accesses the network.
Found 3 instances in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 2 instances in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Dependency changes
+ Added
@sinonjs/fake-timers@11.2.215.3.2(transitive)+ Added
cookie-signature@1.2.2(transitive)+ Added
formidable@3.5.4(transitive)+ Added
nise@6.1.5(transitive)+ Added
path-to-regexp@8.4.2(transitive)+ Added
sinon@18.0.1(transitive)+ Added
superagent@10.3.0(transitive)+ Added
supertest@7.2.2(transitive)- Removed
@sinonjs/fake-timers@11.3.1(transitive)- Removed
@sinonjs/text-encoding@0.7.3(transitive)- Removed
formidable@2.1.5(transitive)- Removed
nise@5.1.9(transitive)- Removed
path-to-regexp@6.3.0(transitive)- Removed
semver@7.7.4(transitive)- Removed
sinon@17.0.2(transitive)- Removed
superagent@8.1.2(transitive)- Removed
supertest@6.3.4(transitive)Updated
sinon@^18.0.0Updated
supertest@^7.0.0Updated
tslib@^2.6.3