@narando/config - npm Package Compare versions

Comparing version 0.28.4 to 0.28.5

CHANGELOG.md

@@ -6,2 +6,10 @@ # Change Log
 
+## [0.28.5](https://gitlab.com/narando/tooling/toolkit/compare/v0.28.4...v0.28.5) (2019-10-23)
+
+**Note:** Version bump only for package @narando/config
+
+
+
+
+
 ## [0.28.4](https://gitlab.com/narando/tooling/toolkit/compare/v0.28.3...v0.28.4) (2019-10-04)
@@ -8,0 +16,0 @@

package.json

 {
   "name": "@narando/config",
-  "version": "0.28.4",
+  "version": "0.28.5",
   "description": "Read NODE_ENV dependent configuration files",
@@ -36,3 +36,3 @@ "main": "dist/config.js",
   },
-  "gitHead": "384de6df1decdbc78e130afe496b02fdebf64991"
+  "gitHead": "28106aa2f2295bd1166a97e000d3522c9ab131c0"
 }

New alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Fixed alerts

Deprecated

Maintenance

The maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed.

Found 1 instance in 1 package

Empty package

Supply chain risk

Package does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

4345

increased by45.85%

Number of package files

5

increased by25%

Lines of code

26

increased byInfinity%

Number of medium maintenance alerts

0

decreased by-100%

Number of medium supply chain risk alerts

0

decreased by-100%

Worsened metrics

Number of low supply chain risk alerts

3

increased byInfinity%

No dependency changes