@mapbox/node-pre-gyp
Advanced tools
@mapbox/node-pre-gyp - npm Package Compare versions
+1
-1
| # node-pre-gyp changelog | ||
| ## 2.0.0-rc.0 | ||
| ## 2.0.0 | ||
| - Supported Node versions are now stable versions of Node 18+. We will attempt to track the [Node.js release schedule](https://github.com/nodejs/release#release-schedule) and will regularly retire support for versions that have reached EOL. | ||
@@ -5,0 +5,0 @@ - Fixed use of `s3ForcePathStyle` for installation [#650](https://github.com/mapbox/node-pre-gyp/pull/650) |
@@ -2926,2 +2926,6 @@ { | ||
| }, | ||
| "18.20.6": { | ||
| "node_abi": 108, | ||
| "v8": "10.2" | ||
| }, | ||
| "19.0.0": { | ||
@@ -3095,2 +3099,6 @@ "node_abi": 111, | ||
| }, | ||
| "20.18.2": { | ||
| "node_abi": 115, | ||
| "v8": "11.3" | ||
| }, | ||
| "21.0.0": { | ||
@@ -3208,2 +3216,10 @@ "node_abi": 120, | ||
| }, | ||
| "22.13.0": { | ||
| "node_abi": 127, | ||
| "v8": "12.4" | ||
| }, | ||
| "22.13.1": { | ||
| "node_abi": 127, | ||
| "v8": "12.4" | ||
| }, | ||
| "23.0.0": { | ||
@@ -3224,3 +3240,19 @@ "node_abi": 131, | ||
| "v8": "12.9" | ||
| }, | ||
| "23.4.0": { | ||
| "node_abi": 131, | ||
| "v8": "12.9" | ||
| }, | ||
| "23.5.0": { | ||
| "node_abi": 131, | ||
| "v8": "12.9" | ||
| }, | ||
| "23.6.0": { | ||
| "node_abi": 131, | ||
| "v8": "12.9" | ||
| }, | ||
| "23.6.1": { | ||
| "node_abi": 131, | ||
| "v8": "12.9" | ||
| } | ||
| } |
+1
-1
| { | ||
| "name": "@mapbox/node-pre-gyp", | ||
| "description": "Node.js native addon binary install tool", | ||
| "version": "2.0.0-rc.0", | ||
| "version": "2.0.0", | ||
| "keywords": [ | ||
@@ -6,0 +6,0 @@ "native", |
New alerts
Network access
Supply chain riskThis module accesses the network.
Found 2 instances in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 10 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
Fixed alerts
Network access
Supply chain riskThis module accesses the network.
Found 2 instances in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 10 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
No v1
QualityPackage is not semver >=1. This means it is not stable and does not support ^ ranges.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
187474
0.24%- Lines of code
5199
0.62%- Number of low quality alerts
1
-50%- Number of medium supply chain risk alerts
7
-12.5%