@salla.sa/cli
Advanced tools
@salla.sa/cli - npm Package Compare versions
Comparing version 1.2.3 to 1.2.5
| { | ||
| "name": "@salla.sa/cli", | ||
| "version": "1.2.3", | ||
| "version": "1.2.5", | ||
| "description": "The Official Salla Command Line Interface", | ||
@@ -29,7 +29,6 @@ "author": "Salla App (https://github.com/SallaApp)", | ||
| "scripts": { | ||
| "start": "node bin/index.js", | ||
| "build": "node bin/install.js && npx pkg bin/index.js --compress Brotli --config pkg.json --output dist/salla", | ||
| "dev-install-g": "npm install -g ./", | ||
| "dev-uninstall-g": "npm uninstall -g @salla.sa/cli", | ||
| "test": "mocha 'test/**/*.js' --recursive --timeout 60000 --exit" | ||
| "start": "node entry.js", | ||
| "build": "node scripts/createDist.js && npx pkg entry.js --compress Brotli --config pkg.json --output dist/salla", | ||
| "test": "mocha ./test/cli/all-tests.js --exit --timeout -1", | ||
| "postinstall": "node scripts/postinstall.js" | ||
| }, | ||
@@ -40,2 +39,3 @@ "files": [ | ||
| "dependencies": { | ||
| "download-file-with-progressbar": "^1.2.3", | ||
| "ngrok": "^4.2.2", | ||
@@ -46,4 +46,4 @@ "open": "^8.4.0", | ||
| "devDependencies": { | ||
| "@salla.sa/websocket": "~2.0", | ||
| "@octokit/rest": "^18.11.4", | ||
| "@salla.sa/websocket": "^2.0.6", | ||
| "@sentry/node": "^6.19.6", | ||
@@ -81,2 +81,3 @@ "@sentry/tracing": "^6.19.6", | ||
| "node-fetch": "^2.6.7", | ||
| "node-pty": "^0.10.1", | ||
| "node-watch": "^0.7.2", | ||
@@ -96,7 +97,7 @@ "npm": "^8.1.4", | ||
| "sinon": "7.4.2", | ||
| "tcp-port-used": "^1.0.2", | ||
| "universalify": "^2.0.0", | ||
| "web-dev-server": "^3.0.22", | ||
| "websocket": "~1.0", | ||
| "ws": "^8.4.0" | ||
| } | ||
| } |
New alerts
Install scripts
Supply chain riskInstall scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.
Found 1 instance in 1 package
Empty package
Supply chain riskPackage does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.
Found 1 instance in 1 package
Fixed alerts
Native code
Supply chain riskContains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.
Found 1 instance in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Improved metrics
- Number of medium supply chain risk alerts
- decreased by-75%
1
Worsened metrics
- Total package byte prevSize
- decreased by-99.99%
10878
- Dependency count
- increased by33.33%
4
- Dev dependency count
- increased by1.92%
53
- Number of package files
- decreased by-81.82%
2
- Lines of code
- decreased by-100%
0
- Number of high supply chain risk alerts
- increased byInfinity%
1
Dependency changes
+ Addedajv@6.12.6(transitive)
+ Addedasn1@0.2.6(transitive)
+ Addedassert-plus@1.0.0(transitive)
+ Addedasynckit@0.4.0(transitive)
+ Addedaws-sign2@0.7.0(transitive)
+ Addedaws4@1.13.2(transitive)
+ Addedbcrypt-pbkdf@1.0.2(transitive)
+ Addedcaseless@0.12.0(transitive)
+ Addedcombined-stream@1.0.8(transitive)
+ Addedcore-util-is@1.0.2(transitive)
+ Addeddashdash@1.14.1(transitive)
+ Addeddelayed-stream@1.0.0(transitive)
+ Addeddownload-file-with-progressbar@1.2.3(transitive)
+ Addedecc-jsbn@0.1.2(transitive)
+ Addedextend@3.0.2(transitive)
+ Addedextsprintf@1.3.0(transitive)
+ Addedfast-deep-equal@3.1.3(transitive)
+ Addedfast-json-stable-stringify@2.1.0(transitive)
+ Addedforever-agent@0.6.1(transitive)
+ Addedform-data@2.3.3(transitive)
+ Addedgetpass@0.1.7(transitive)
+ Addedhar-schema@2.0.0(transitive)
+ Addedhar-validator@5.1.5(transitive)
+ Addedhttp-signature@1.2.0(transitive)
+ Addedinherits@2.0.3(transitive)
+ Addedis-typedarray@1.0.0(transitive)
+ Addedisstream@0.1.2(transitive)
+ Addedjsbn@0.1.1(transitive)
+ Addedjson-schema@0.4.0(transitive)
+ Addedjson-schema-traverse@0.4.1(transitive)
+ Addedjson-stringify-safe@5.0.1(transitive)
+ Addedjsprim@1.4.2(transitive)
+ Addedmime-db@1.52.0(transitive)
+ Addedmime-types@2.1.35(transitive)
+ Addedoauth-sign@0.9.0(transitive)
+ Addedpath@0.12.7(transitive)
+ Addedperformance-now@2.1.0(transitive)
+ Addedprocess@0.11.10(transitive)
+ Addedpsl@1.15.0(transitive)
+ Addedpunycode@2.3.1(transitive)
+ Addedqs@6.5.3(transitive)
+ Addedrequest@2.88.2(transitive)
+ Addedsafe-buffer@5.2.1(transitive)
+ Addedsafer-buffer@2.1.2(transitive)
+ Addedsshpk@1.18.0(transitive)
+ Addedtough-cookie@2.5.0(transitive)
+ Addedtunnel-agent@0.6.0(transitive)
+ Addedtweetnacl@0.14.5(transitive)
+ Addeduri-js@4.4.1(transitive)
+ Addedutil@0.10.4(transitive)
+ Addeduuid@3.4.0(transitive)
+ Addedverror@1.10.0(transitive)