@prisma/config
Advanced tools
@prisma/config - npm Package Compare versions
+4
-4
| { | ||
| "name": "@prisma/config", | ||
| "version": "6.5.0-dev.40", | ||
| "version": "6.5.0-dev.41", | ||
| "description": "Internal package used to define and read Prisma configuration files", | ||
@@ -19,3 +19,3 @@ "main": "dist/index.js", | ||
| "devDependencies": { | ||
| "@swc/core": "1.10.11", | ||
| "@swc/core": "1.11.5", | ||
| "@swc/jest": "0.2.37", | ||
@@ -26,4 +26,4 @@ "effect": "3.12.10", | ||
| "jest-junit": "16.0.0", | ||
| "@prisma/driver-adapter-utils": "6.5.0-dev.40", | ||
| "@prisma/get-platform": "6.5.0-dev.40" | ||
| "@prisma/driver-adapter-utils": "6.5.0-dev.41", | ||
| "@prisma/get-platform": "6.5.0-dev.41" | ||
| }, | ||
@@ -30,0 +30,0 @@ "files": [ |
New alerts
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
Fixed alerts
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
Worsened metrics
- Total package byte prevSize
776374
0