@manycore/def-next-cli - npm Package Compare versions

Comparing version 1.8.2 to 1.8.3-alpha.0

package.json

 {
   "name": "@manycore/def-next-cli",
-  "version": "1.8.2",
+  "version": "1.8.3-alpha.0",
   "author": "def team",
@@ -38,5 +38,3 @@ "title": "def-cli",
     "leven": "3.1.0"
-  },
-  "cdnVersion": "1.8.2",
-  "publicVersion": "1.8.2"
+  }
 }

New alerts

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Fixed alerts

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Debug access

Supply chain risk

Uses debug, reflection and dynamic code execution features.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 5 instances in 1 package

Improved metrics

Total package byte prevSize

7733097

increased by2380.15%

Lines of code

218324

increased by2298.11%

Number of low supply chain risk alerts

30

decreased by-66.29%

Number of medium supply chain risk alerts

3

decreased by-66.67%

Worsened metrics

Number of package files

16

decreased by-5.88%

Number of low quality alerts

2

increased by100%

No dependency changes