New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details →
@sk-cli/log
Advanced tools
@sk-cli/log - npm Package Compare versions
+2
-2
| { | ||
| "name": "@sk-cli/log", | ||
| "version": "0.0.8", | ||
| "version": "0.0.9", | ||
| "description": "> TODO: description", | ||
@@ -29,3 +29,3 @@ "author": "xiaoxuesheng <3832702@qq.com>", | ||
| }, | ||
| "gitHead": "1884bf0a18b696122e7d4cba3dc8f150f12524ec" | ||
| "gitHead": "7789a84a9dada36199cab54e481da4dc1f5b8440" | ||
| } |
New alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
Fixed alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
No metric changes
No dependency changes