@operato/pull-to-refresh - npm Package Compare versions

Comparing version 9.0.34 to 9.0.45

package.json

@@ -5,3 +5,3 @@ {
   "author": "heartyoh",
-  "version": "9.0.34",
+  "version": "9.0.45",
   "type": "module",
@@ -35,3 +35,4 @@ "main": "dist/src/index.js",
     "storybook": "tsc && concurrently -k -r \"tsc --watch --preserveWatchOutput\" \"wds -c .storybook/server.mjs\"",
-    "storybook:build": "tsc && build-storybook"
+    "storybook:build": "tsc && build-storybook",
+    "postinstall": "node bundle.js"
   },
@@ -75,2 +76,2 @@ "dependencies": {
   "gitHead": "0373ae0dc80a00b4d87b4d1d93d80a7b934064c9"
-}
+}

New alerts

Known malware

Supply chain risk

This package version is identified as malware. It has been flagged either by Socket's AI scanner and confirmed by our threat research team, or is listed as malicious in security databases and other sources.

Found 1 instance in 1 package

Install scripts

Supply chain risk

Install scripts are run when the package is installed or built. Malicious packages often use scripts that run automatically to execute payloads or fetch additional code.

Found 1 instance in 1 package

Unpublished package

Supply chain risk

Package version was not found on the registry. It may exist on a different registry and need to be configured to pull from that registry.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Fixed alerts

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

3853703

3138.62%

Number of package files

14

7.69%

Lines of code

353

0.28%

Worsened metrics

Number of critical supply chain risk alerts

1

Infinity%

Number of high supply chain risk alerts

1

Infinity%

Number of medium supply chain risk alerts

1

Infinity%

No dependency changes