@reliverse/bleump
Advanced tools
@reliverse/bleump - npm Package Compare versions
Comparing version
| { | ||
| "dependencies": { | ||
| "semver": "^7.7.2", | ||
| "@reliverse/relinka": "^1.6.1", | ||
| "@reliverse/rempts": "^1.7.58" | ||
| "semver": "^7.7.2" | ||
| }, | ||
@@ -12,3 +11,3 @@ "description": "@reliverse/bleump is a powerful version bump tool for javascript and typescript", | ||
| "type": "module", | ||
| "version": "1.1.8", | ||
| "version": "1.2.0", | ||
| "devDependencies": {}, | ||
@@ -15,0 +14,0 @@ "exports": { |
Fixed alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Improved metrics
- Dependency count
2
-33.33%- Number of low supply chain risk alerts
1
-66.67%Worsened metrics
- Total package byte prevSize
37732
-16.6%- Number of package files
5
-28.57%- Lines of code
491
-31.9%Dependency changes
- Removed
@reliverse/rempts@^1.7.58- Removed
@reliverse/reltime@1.1.1(transitive)- Removed
@reliverse/rempts@1.7.66(transitive)- Removed
@sec-ant/readable-stream@0.4.1(transitive)- Removed
@sindresorhus/merge-streams@4.0.0(transitive)- Removed
@types/tinycolor2@1.4.6(transitive)- Removed
ansi-escapes@7.1.0(transitive)- Removed
ansi-regex@6.2.2(transitive)- Removed
ansi-styles@6.2.3(transitive)- Removed
chalk@5.6.2(transitive)- Removed
cli-cursor@5.0.0(transitive)- Removed
cli-spinners@3.2.1(transitive)- Removed
cross-spawn@7.0.6(transitive)- Removed
emoji-regex@10.5.0(transitive)- Removed
environment@1.1.0(transitive)- Removed
execa@9.6.0(transitive)- Removed
figures@6.1.0(transitive)- Removed
get-east-asian-width@1.4.0(transitive)- Removed
get-stream@9.0.1(transitive)- Removed
gradient-string@3.0.0(transitive)- Removed
human-signals@8.0.1(transitive)- Removed
is-fullwidth-code-point@5.1.0(transitive)- Removed
is-interactive@2.0.0(transitive)- Removed
is-plain-obj@4.1.0(transitive)- Removed
is-stream@4.0.1(transitive)- Removed
is-unicode-supported@2.1.0(transitive)- Removed
isexe@2.0.0(transitive)- Removed
log-update@6.1.0(transitive)- Removed
mimic-function@5.0.1(transitive)- Removed
npm-run-path@6.0.0(transitive)- Removed
onetime@7.0.0(transitive)- Removed
parse-ms@4.0.0(transitive)- Removed
path-key@3.1.14.0.0(transitive)- Removed
pretty-bytes@7.1.0(transitive)- Removed
pretty-ms@9.3.0(transitive)- Removed
restore-cursor@5.1.0(transitive)- Removed
shebang-command@2.0.0(transitive)- Removed
shebang-regex@3.0.0(transitive)- Removed
signal-exit@4.1.0(transitive)- Removed
sisteransi@1.0.5(transitive)- Removed
slice-ansi@7.1.2(transitive)- Removed
stdin-discarder@0.2.2(transitive)- Removed
string-width@7.2.08.1.0(transitive)- Removed
strip-ansi@7.1.2(transitive)- Removed
strip-final-newline@4.0.0(transitive)- Removed
terminal-size@4.0.0(transitive)- Removed
tinycolor2@1.6.0(transitive)- Removed
tinygradient@1.1.5(transitive)- Removed
ts-regex-builder@1.8.2(transitive)- Removed
unicorn-magic@0.3.0(transitive)- Removed
which@2.0.2(transitive)- Removed
wrap-ansi@9.0.2(transitive)- Removed
yoctocolors@2.1.2(transitive)