@mozaic-ds/gatsby-github-release
Advanced tools
Comparing version 1.0.1-alpha.9 to 1.0.1-alpha.18
@@ -6,2 +6,13 @@ # Change Log | ||
## [1.0.1-alpha.18](https://github.com/adeo/mozaic-design-system/compare/v1.0.1-alpha.17...v1.0.1-alpha.18) (2019-08-22) | ||
### Bug Fixes | ||
* **styleguide/version select:** return the right styleguide version ([#331](https://github.com/adeo/mozaic-design-system/issues/331)) ([8957f50](https://github.com/adeo/mozaic-design-system/commit/8957f50)) | ||
## [1.0.1-alpha.9](https://github.com/adeo/design-system--styleguide/compare/v1.0.1-alpha.7...v1.0.1-alpha.9) (2019-06-18) | ||
@@ -8,0 +19,0 @@ |
@@ -0,1 +1,2 @@ | ||
require('dotenv').config() | ||
const fetch = require('node-fetch') | ||
@@ -29,3 +30,3 @@ const fs = require('fs') | ||
'Content-Type': 'application/json', | ||
Authorization: 'Bearer 66792a1df6e0dd6345b461535cb37b40961b4439', | ||
Authorization: `Bearer ${process.env.GH_API_TOKEN}`, | ||
}, | ||
@@ -57,3 +58,3 @@ body: JSON.stringify({ query }), | ||
'https://' + | ||
tagName.replace(/\./g, '') + | ||
tagName.replace(/\.|-/g, '') + | ||
'-dot-design-system-adeo.appspot.com', | ||
@@ -60,0 +61,0 @@ internal: { |
{ | ||
"name": "@mozaic-ds/gatsby-github-release", | ||
"version": "1.0.1-alpha.9", | ||
"version": "1.0.1-alpha.18", | ||
"description": "", | ||
@@ -13,5 +13,5 @@ "main": "index.js", | ||
"dependencies": { | ||
"dotenv": "^8.1.0", | ||
"node-fetch": "^2.3.0" | ||
}, | ||
"gitHead": "e4bcb53d17c108a24d352b59e3e8e7cd0042b148" | ||
} | ||
} |
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
4181
62
1
2
3
+ Addeddotenv@^8.1.0
+ Addeddotenv@8.6.0(transitive)