@ronin/cli - npm Package Compare versions

Comparing version 0.1.0-corny-ron-1071-1-experimental-3 to 0.1.0-leo-ron-1071-experimental-2

package.json

 {
   "name": "@ronin/cli",
-  "version": "0.1.0-corny-ron-1071-1-experimental-3",
+  "version": "0.1.0-leo-ron-1071-experimental-2",
   "type": "module",
@@ -33,4 +33,2 @@ "description": "The command-line interface for RONIN.",
     "@iarna/toml": "2.2.5",
-    "@ronin/engine": "0.0.16",
-    "@ronin/compiler": "0.12.4",
     "chalk-template": "1.1.0",
@@ -44,4 +42,2 @@ "get-port": "7.1.0",
   "devDependencies": {
-    "bun-bagel": "1.1.0",
-    "@ronin/schema": "0.1.2",
     "@biomejs/biome": "1.9.4",
@@ -48,0 +44,0 @@ "@types/bun": "1.1.12",

New alerts

Unpublished package

Supply chain risk

Package version was not found on the registry. It may exist on a different registry and need to be configured to pull from that registry.

Found 1 instance in 1 package

Fixed alerts

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 12 instances in 1 package

High entropy strings

Supply chain risk

Contains high entropy strings. This could be a sign of encrypted data, leaked secrets or obfuscated code.

Found 1 instance in 1 package

Improved metrics

Dependency count

7

decreased by-22.22%

Dev dependency count

5

decreased by-28.57%

Number of low supply chain risk alerts

3

decreased by-89.66%

Number of medium supply chain risk alerts

1

decreased by-83.33%

Worsened metrics

Total package byte prevSize

24760

decreased by-97.21%

Lines of code

293

decreased by-98.23%

Dependency changes

• - Removed@ronin/compiler@0.12.4

• - Removed@ronin/engine@0.0.16

• - Removed@noble/hashes@1.7.1(transitive)

• - Removed@paralleldrive/cuid2@2.2.2(transitive)

• - Removed@ronin/compiler@0.12.4(transitive)

• - Removed@ronin/engine@0.0.16(transitive)

• - Removedansi-styles@3.2.1(transitive)

• - Removedarch@2.2.0(transitive)

• - Removedarg@1.0.0(transitive)

• - Removedchalk@2.3.0(transitive)

• - Removedclipboardy@1.2.2(transitive)

• - Removedcolor-convert@1.9.3(transitive)

• - Removedcolor-name@1.1.3(transitive)

• - Removedcross-spawn@5.1.0(transitive)

• - Removedescape-string-regexp@1.0.5(transitive)

• - Removedexeca@0.8.0(transitive)

• - Removedget-stream@3.0.0(transitive)

• - Removedhas-flag@2.0.0(transitive)

• - Removedis-stream@1.1.0(transitive)

• - Removedisexe@2.0.0(transitive)

• - Removedlru-cache@4.1.5(transitive)

• - Removednpm-run-path@2.0.2(transitive)

• - Removedp-finally@1.0.0(transitive)

• - Removedpath-key@2.0.1(transitive)

• - Removedpseudomap@1.0.2(transitive)

• - Removedshebang-command@1.2.0(transitive)

• - Removedshebang-regex@1.0.0(transitive)

• - Removedsignal-exit@3.0.7(transitive)

• - Removedstrip-eof@1.0.0(transitive)

• - Removedsupports-color@4.5.0(transitive)

• - Removedtitle@3.5.3(transitive)

• - Removedtitleize@1.0.0(transitive)

• - Removedwhich@1.3.1(transitive)

• - Removedyallist@2.1.2(transitive)

• - Removedzod@3.23.8(transitive)