New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@q42/lib-jitsi-meet
Advanced tools
@q42/lib-jitsi-meet - npm Package Compare versions
Comparing version 1.1.5 to 1.1.6
| { | ||
| "name": "@q42/lib-jitsi-meet", | ||
| "version": "1.1.5", | ||
| "version": "1.1.6", | ||
| "description": "Borrel fork for accessing Jitsi server side deployments", | ||
@@ -19,3 +19,2 @@ "repository": { | ||
| "dependencies": { | ||
| "@jitsi/js-utils": "1.0.0", | ||
| "@jitsi/sdp-interop": "0.1.14", | ||
@@ -26,2 +25,3 @@ "@jitsi/sdp-simulcast": "0.2.2", | ||
| "jitsi-meet-logger": "github:jitsi/jitsi-meet-logger#5ec92357570dc8f0b7ffc1528820721c84c6af8b", | ||
| "js-utils": "github:jitsi/js-utils#8567f86ec2774ae1d1c47b22e3435928cf5d9771", | ||
| "lodash.isequal": "4.5.0", | ||
@@ -28,0 +28,0 @@ "sdp-transform": "2.3.0", |
New alerts
GitHub dependency
Supply chain riskContains a dependency which resolves to a GitHub URL. Dependencies fetched from GitHub specifiers are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
2199989
Worsened metrics
- Number of high supply chain risk alerts
- increased by33.33%
4
Dependency changes
+ Addedjs-utils@github:jitsi/js-utils#8567f86ec2774ae1d1c47b22e3435928cf5d9771
- Removed@jitsi/js-utils@1.0.0
- Removed@jitsi/js-utils@1.0.0(transitive)
- Removedbowser@2.7.0(transitive)
- Removedjs-md5@0.7.3(transitive)
- Removedpostis@2.2.0(transitive)