🚀 Socket Launch Week Day 5:Introducing Repository Access Permissions and Custom Roles.Learn more →
@mastra/codemod
Advanced tools
@mastra/codemod - npm Package Compare versions
+6
-0
| # @mastra/codemod | ||
| ## 1.0.6-alpha.0 | ||
| ### Patch Changes | ||
| - Security remediation for the 2026-06-17 "easy-day-js" supply-chain incident. Patch bump to publish clean versions and move the `latest` dist-tag forward, superseding the compromised versions that declared the malicious `easy-day-js` dependency. ([#18056](https://github.com/mastra-ai/mastra/pull/18056)) | ||
| ## 1.0.3 | ||
@@ -4,0 +10,0 @@ |
+1
-1
| { | ||
| "name": "@mastra/codemod", | ||
| "type": "module", | ||
| "version": "1.0.5", | ||
| "version": "1.0.6-alpha.0", | ||
| "license": "Apache-2.0", | ||
@@ -6,0 +6,0 @@ "description": "Codemod CLI for Mastra", |
New alerts
No v1
QualityPackage is not semver >=1. This means it is not stable and does not support ^ ranges.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Fixed alerts
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
266704
0.13%Worsened metrics
- Number of low quality alerts
1
Infinity%No dependency changes