@marvelousdesigner/design-system - npm Package Compare versions

Comparing version 0.1.14 to 0.1.15

package.json

 {
   "name": "@marvelousdesigner/design-system",
-  "version": "0.1.14",
+  "version": "0.1.15",
   "private": false,
@@ -25,2 +25,3 @@ "types": "dist/index.d.ts",
     "react-dom": "^16.9.0 || 17.x || 18.x",
+    "react-slick": "^0.29.0",
     "styled-components": "5.x",
@@ -55,2 +56,3 @@ "styled-reset": "4.4.4",
     "@types/react-dom": "18.0.9",
+    "@types/react-slick": "^0.23.13",
     "@types/styled-components": "^5.1.26",
@@ -57,0 +59,0 @@ "@typescript-eslint/eslint-plugin": "^5.46.0",

New alerts

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

1154556

increased by41.03%

Lines of code

14518

increased by123.32%

Worsened metrics

Dependency count

11

increased by10%

Dev dependency count

51

increased by2%

Number of low supply chain risk alerts

11

increased by120%

Number of medium supply chain risk alerts

4

increased byInfinity%

Dependency changes

• + Addedreact-slick@^0.29.0

• + Addedcaniuse-lite@1.0.30001685(transitive)

• + Addedclassnames@2.5.1(transitive)

• + Addedelectron-to-chromium@1.5.67(transitive)

• + Addedenquire.js@2.1.6(transitive)

• + Addedjson2mq@0.2.0(transitive)

• + Addedlodash.debounce@4.0.8(transitive)

• + Addedreact-slick@0.29.0(transitive)

• + Addedresize-observer-polyfill@1.5.1(transitive)

• + Addedstring-convert@0.2.1(transitive)

• - Removedcaniuse-lite@1.0.30001686(transitive)

• - Removedelectron-to-chromium@1.5.68(transitive)