New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details →
@node-cli/logger
Advanced tools
@node-cli/logger - npm Package Compare versions
+4
-4
| { | ||
| "name": "@node-cli/logger", | ||
| "version": "1.3.6", | ||
| "version": "1.3.7", | ||
| "license": "MIT", | ||
@@ -37,6 +37,6 @@ "author": "Arno Versini", | ||
| "devDependencies": { | ||
| "@vitest/coverage-v8": "4.1.1", | ||
| "vitest": "4.1.1" | ||
| "@vitest/coverage-v8": "4.1.2", | ||
| "vitest": "4.1.2" | ||
| }, | ||
| "gitHead": "7ddcbe04d1eff21d7e379ce5cb33a17540d4cb75" | ||
| "gitHead": "5c00636c8f21d45d874855c522fcfdda96c2ba82" | ||
| } |
New alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Fixed alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
No metric changes
No dependency changes