New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@putout/engine-parser
Advanced tools
@putout/engine-parser - npm Package Compare versions
Comparing version 1.2.0 to 1.2.1
| { | ||
| "name": "@putout/engine-parser", | ||
| "version": "1.2.0", | ||
| "version": "1.2.1", | ||
| "author": "coderaiser <mnemonic.enemy@gmail.com> (https://github.com/coderaiser)", | ||
@@ -28,7 +28,7 @@ "description": "putout parser", | ||
| "@babel/parser": "^7.6.2", | ||
| "recast": "^0.18.3", | ||
| "@babel/template": "^7.6.0", | ||
| "estree-to-babel": "^2.1.0", | ||
| "micro-memoize": "^4.0.8", | ||
| "once": "^1.4.0", | ||
| "recast": "https://github.com/coderaiser/recast/archive/v1.0.2-fix.tar.gz" | ||
| "once": "^1.4.0" | ||
| }, | ||
@@ -35,0 +35,0 @@ "keywords": [ |
Fixed alerts
HTTP dependency
Supply chain riskContains a dependency which resolves to a remote HTTP URL which could be used to inject untrusted code and reduce overall package reliability.
Found 1 instance in 1 package
Improved metrics
- Number of high supply chain risk alerts
- decreased by-100%
0
Worsened metrics
- Total package byte prevSize
- decreased by-0.54%
10090
Dependency changes
+ Addedast-types@0.13.3(transitive)
+ Addedesprima@4.0.1(transitive)
+ Addedprivate@0.1.8(transitive)
+ Addedrecast@0.18.10(transitive)
+ Addedsource-map@0.6.1(transitive)
Updatedrecast@^0.18.3