New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details → →
@sap-ux/logger
Advanced tools
@sap-ux/logger - npm Package Compare versions
@@ -79,5 +79,6 @@ "use strict"; | ||
| const ui5ToolingFormat = (moduleName) => winston_1.format.combine(winston_1.format.colorize(), winston_1.format.label({ label: moduleName }), winston_1.format.printf(({ level, message, label }) => { | ||
| const lbl = label; | ||
| let msg = typeof message === 'string' ? message : (0, node_util_1.inspect)(message); | ||
| msg = msg.split(/\r?\n/).join(`\n${level} ${chalk_1.default.magenta(label)} `); | ||
| return `${level} ${chalk_1.default.magenta(label)} ${msg}`; | ||
| msg = msg.split(/\r?\n/).join(`\n${level} ${chalk_1.default.magenta(lbl)} `); | ||
| return `${level} ${chalk_1.default.magenta(lbl)} ${msg}`; | ||
| })); | ||
@@ -84,0 +85,0 @@ const decorateLevel = (level) => { |
+6
-6
| { | ||
| "name": "@sap-ux/logger", | ||
| "version": "0.8.2", | ||
| "version": "0.8.3", | ||
| "description": "A simple logging module", | ||
@@ -19,11 +19,11 @@ "repository": { | ||
| "lodash": "4.17.23", | ||
| "winston": "3.11.0", | ||
| "winston": "3.19.0", | ||
| "winston-transport": "4.9.0" | ||
| }, | ||
| "devDependencies": { | ||
| "@types/debug": "4.1.12", | ||
| "@types/lodash": "4.14.202", | ||
| "@types/vscode": "1.73.1", | ||
| "@types/debug": "4.1.13", | ||
| "@types/lodash": "4.17.24", | ||
| "@types/vscode": "1.110.0", | ||
| "jest-extended": "6.0.0", | ||
| "logform": "2.6.0" | ||
| "logform": "2.7.0" | ||
| }, | ||
@@ -30,0 +30,0 @@ "files": [ |
New alerts
Unstable ownership
Supply chain riskA new collaborator has begun publishing package versions. Package stability and security risk may be elevated.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
52645
0.04%- Lines of code
1064
0.09%Worsened metrics
- Number of high supply chain risk alerts
1
Infinity%- Number of medium supply chain risk alerts
1
Infinity%Dependency changes
+ Added
winston@3.19.0(transitive)- Removed
winston@3.11.0(transitive)Updated
winston@3.19.0