New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details →
@sk-cli/log
Advanced tools
@sk-cli/log - npm Package Compare versions
+2
-2
| { | ||
| "name": "@sk-cli/log", | ||
| "version": "0.0.9", | ||
| "version": "0.0.10", | ||
| "description": "> TODO: description", | ||
@@ -29,3 +29,3 @@ "author": "xiaoxuesheng <3832702@qq.com>", | ||
| }, | ||
| "gitHead": "7789a84a9dada36199cab54e481da4dc1f5b8440" | ||
| "gitHead": "f0dfda388103818ee40595ea4b36d3c5f04f03f3" | ||
| } |
New alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
Fixed alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
Improved metrics
- Total package byte prevSize
938
0.11%No dependency changes