New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details →
@node-cli/utilities
Advanced tools
@node-cli/utilities - npm Package Compare versions
+4
-5
| { | ||
| "name": "@node-cli/utilities", | ||
| "version": "1.0.6", | ||
| "version": "1.0.7", | ||
| "license": "MIT", | ||
@@ -36,7 +36,6 @@ "author": "Arno Versini", | ||
| "devDependencies": { | ||
| "@node-cli/comments": "0.2.9", | ||
| "@vitest/coverage-v8": "4.0.18", | ||
| "vitest": "4.0.18" | ||
| "@vitest/coverage-v8": "4.1.1", | ||
| "vitest": "4.1.1" | ||
| }, | ||
| "gitHead": "06236497427f489176837d5f8274a3b2a4d4cf0d" | ||
| "gitHead": "7ddcbe04d1eff21d7e379ce5cb33a17540d4cb75" | ||
| } |
New alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Fixed alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Improved metrics
- Dev dependency count
2
-33.33%Worsened metrics
- Total package byte prevSize
14255
-0.24%No dependency changes