@shipengine/js-api
Advanced tools
@shipengine/js-api - npm Package Compare versions
+19
-0
@@ -42,2 +42,3 @@ import { Address } from "../addresses"; | ||
| rateDetails: RateDetail[]; | ||
| refundDetails: RefundDetails | null; | ||
| relayPoints: { | ||
@@ -62,2 +63,3 @@ shipFrom: RelayPoint; | ||
| voidedAt: string | null; | ||
| voidType: LabelVoidType | null; | ||
| }; | ||
@@ -96,2 +98,9 @@ export type PaperlessDownload = { | ||
| /** | ||
| * `refundStatus` is an optional string to filter results by refund status. | ||
| * Can be a single status or multiple comma-separated statuses. | ||
| * @example "pending" | ||
| * @example "pending,approved" | ||
| */ | ||
| refundStatus?: string; | ||
| /** | ||
| * `serviceCode` is an optional string to limit results to only labels for | ||
@@ -162,1 +171,11 @@ * a specific carrier service. | ||
| } & ListLabelsParams; | ||
| export type LabelVoidType = "refund_assist" | "manual"; | ||
| export type RefundStatus = "request_scheduled" | "pending" | "approved" | "rejected" | "excluded"; | ||
| export type RefundDetails = { | ||
| amountApproved: Money | null; | ||
| amountCredited: Money | null; | ||
| amountPaid: Money | null; | ||
| amountRequested: Money | null; | ||
| refundStatus: RefundStatus; | ||
| requestDate: string; | ||
| }; |
+1
-1
| { | ||
| "name": "@shipengine/js-api", | ||
| "version": "4.22.0", | ||
| "version": "4.22.1-next.0", | ||
| "main": "./index.js", | ||
@@ -5,0 +5,0 @@ "types": "./index.d.ts", |
New alerts
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
No v1
QualityPackage is not semver >=1. This means it is not stable and does not support ^ ranges.
Found 1 instance in 1 package
Fixed alerts
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
1613791
0.04%- Lines of code
45730
0.04%Worsened metrics
- Number of low quality alerts
2
100%