@pnpm/pnpmfile
Advanced tools
@pnpm/pnpmfile - npm Package Compare versions
+10
-10
| { | ||
| "name": "@pnpm/pnpmfile", | ||
| "version": "1002.1.3", | ||
| "version": "1002.1.4", | ||
| "description": "Reading a .pnpmfile.cjs", | ||
@@ -11,4 +11,4 @@ "keywords": [ | ||
| "funding": "https://opencollective.com/pnpm", | ||
| "repository": "https://github.com/pnpm/pnpm/blob/main/hooks/pnpmfile", | ||
| "homepage": "https://github.com/pnpm/pnpm/blob/main/hooks/pnpmfile#readme", | ||
| "repository": "https://github.com/pnpm/pnpm/tree/main/hooks/pnpmfile", | ||
| "homepage": "https://github.com/pnpm/pnpm/tree/main/hooks/pnpmfile#readme", | ||
| "bugs": { | ||
@@ -30,9 +30,9 @@ "url": "https://github.com/pnpm/pnpm/issues" | ||
| "path-absolute": "^1.0.1", | ||
| "@pnpm/core-loggers": "1001.0.4", | ||
| "@pnpm/crypto.hash": "1000.2.1", | ||
| "@pnpm/hooks.types": "1001.0.12", | ||
| "@pnpm/lockfile.types": "1002.0.2", | ||
| "@pnpm/hooks.types": "1001.0.13", | ||
| "@pnpm/store-controller-types": "1004.2.0", | ||
| "@pnpm/error": "1000.0.5", | ||
| "@pnpm/store-controller-types": "1004.1.0", | ||
| "@pnpm/types": "1000.9.0" | ||
| "@pnpm/lockfile.types": "1002.0.3", | ||
| "@pnpm/types": "1001.0.0", | ||
| "@pnpm/core-loggers": "1001.0.5" | ||
| }, | ||
@@ -43,5 +43,5 @@ "peerDependencies": { | ||
| "devDependencies": { | ||
| "@pnpm/fetcher-base": "1001.0.3", | ||
| "@pnpm/logger": "1001.0.1", | ||
| "@pnpm/pnpmfile": "1002.1.3", | ||
| "@pnpm/fetcher-base": "1001.0.2", | ||
| "@pnpm/pnpmfile": "1002.1.4", | ||
| "@pnpm/test-fixtures": "1000.0.0" | ||
@@ -48,0 +48,0 @@ }, |
New alerts
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
No repository
Supply chain riskPackage does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.
Found 1 instance in 1 package
Fixed alerts
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
No repository
Supply chain riskPackage does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.
Found 1 instance in 1 package
Dependency changes
+ Added
@pnpm/core-loggers@1001.0.5(transitive)+ Added
@pnpm/fetcher-base@1001.0.3(transitive)+ Added
@pnpm/hooks.types@1001.0.13(transitive)+ Added
@pnpm/lockfile.types@1002.0.3(transitive)+ Added
@pnpm/resolver-base@1005.2.0(transitive)+ Added
@pnpm/store-controller-types@1004.2.0(transitive)+ Added
@pnpm/types@1001.0.0(transitive)- Removed
@pnpm/core-loggers@1001.0.4(transitive)- Removed
@pnpm/fetcher-base@1001.0.2(transitive)- Removed
@pnpm/hooks.types@1001.0.12(transitive)- Removed
@pnpm/lockfile.types@1002.0.2(transitive)- Removed
@pnpm/resolver-base@1005.1.0(transitive)- Removed
@pnpm/store-controller-types@1004.1.0(transitive)- Removed
@pnpm/types@1000.9.0(transitive)Updated
@pnpm/core-loggers@1001.0.5Updated
@pnpm/hooks.types@1001.0.13Updated
@pnpm/types@1001.0.0