@reach/alert-dialog - npm Package Compare versions

Comparing version 0.8.4 to 0.8.5

package.json

 {
   "name": "@reach/alert-dialog",
-  "version": "0.8.4",
+  "version": "0.8.5",
   "description": "Accessible React Alert Dialog.",
@@ -18,5 +18,5 @@ "author": "React Training <hello@reacttraining.com>",
   "dependencies": {
-    "@reach/auto-id": "^0.8.2",
-    "@reach/dialog": "^0.8.4",
-    "@reach/utils": "^0.8.4",
+    "@reach/auto-id": "^0.8.5",
+    "@reach/dialog": "^0.8.5",
+    "@reach/utils": "^0.8.5",
     "invariant": "^2.2.4",
@@ -37,3 +37,3 @@ "prop-types": "^15.7.2",
   ],
-  "gitHead": "81f50310879a4d99f3eaeba3cd95a66303e0186c"
+  "gitHead": "ac419cf63d0827016ca448bf95482bcd4c5f879e"
 }

New alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Fixed alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Worsened metrics

Number of low supply chain risk alerts

16

increased by100%

Dependency changes

• Updated@reach/auto-id@^0.8.5

• Updated@reach/dialog@^0.8.5

• Updated@reach/utils@^0.8.5