@platformatic/telemetry - npm Package Compare versions

Comparing version 3.34.0 to 3.34.1-alpha.3

package.json

 {
   "name": "@platformatic/telemetry",
-  "version": "3.34.0",
+  "version": "3.34.1-alpha.3",
   "description": "OpenTelemetry integration for Platformatic",
@@ -39,3 +39,3 @@ "main": "index.js",
     "fastify-plugin": "^5.0.1",
-    "@platformatic/foundation": "3.34.0"
+    "@platformatic/foundation": "3.34.1-alpha.3"
   },
@@ -42,0 +42,0 @@ "engines": {

New alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 2 instances in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Fixed alerts

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 2 instances in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Improved metrics

Number of medium supply chain risk alerts

0

-100%

Worsened metrics

Total package byte prevSize

44925

-89.85%

Number of package files

19

-5%

Number of low quality alerts

2

100%

Dependency changes

• + Added

  @platformatic/foundation@3.34.1-alpha.3
  (transitive)

• - Removed

  @platformatic/foundation@3.34.0
  (transitive)

• Updated

  @platformatic/foundation@3.34.1-alpha.3