@react-native-community/cli-config-apple - npm Package Compare versions

Comparing version 20.1.1 to 20.1.2

package.json

 {
   "name": "@react-native-community/cli-config-apple",
-  "version": "20.1.1",
+  "version": "20.1.2",
   "license": "MIT",
@@ -10,3 +10,3 @@ "main": "build/index.js",
   "dependencies": {
-    "@react-native-community/cli-tools": "20.1.1",
+    "@react-native-community/cli-tools": "20.1.2",
     "execa": "^5.0.0",
@@ -17,3 +17,3 @@ "fast-glob": "^3.3.2",
   "devDependencies": {
-    "@react-native-community/cli-types": "20.1.1",
+    "@react-native-community/cli-types": "20.1.2",
     "ora": "^5.4.1"
@@ -32,3 +32,3 @@ },
   },
-  "gitHead": "2eb9e44ecb11abc01c5dd918b8cf36afa4a88db2"
+  "gitHead": "f9619307f49272af41c3292536e79865c6310e88"
 }

New alerts

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 3 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 2 instances in 1 package

Fixed alerts

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 3 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 2 instances in 1 package

No metric changes

Dependency changes

• + Added

  @react-native-community/cli-tools@20.1.2
  (transitive)

• - Removed

  @react-native-community/cli-tools@20.1.1
  (transitive)

• Updated

  @react-native-community/cli-tools@20.1.2