@stackbit/dev
Advanced tools
@stackbit/dev - npm Package Compare versions
+4
-4
| { | ||
| "name": "@stackbit/dev", | ||
| "version": "0.0.5", | ||
| "version": "0.0.6", | ||
| "description": "stackbit-dev", | ||
@@ -25,4 +25,4 @@ "main": "dist/index.js", | ||
| "dependencies": { | ||
| "@stackbit/cms-core": "^0.0.5", | ||
| "@stackbit/dev-common": "^0.0.5", | ||
| "@stackbit/cms-core": "^0.0.6", | ||
| "@stackbit/dev-common": "^0.0.6", | ||
| "@stackbit/sdk": "^0.2.22", | ||
@@ -59,3 +59,3 @@ "axios": "^0.25.0", | ||
| }, | ||
| "gitHead": "9d1b64c94ea68c816c460e5260c924248169fe0f" | ||
| "gitHead": "7a0f9b82e949de9b7ebf6964ddd225149c1725a5" | ||
| } |
New alerts
Network access
Supply chain riskThis module accesses the network.
Found 2 instances in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 4 instances in 1 package
Fixed alerts
Network access
Supply chain riskThis module accesses the network.
Found 2 instances in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 4 instances in 1 package
Worsened metrics
- Number of medium supply chain risk alerts
5
25%Dependency changes
+ Added
@stackbit/cms-core@0.0.6(transitive)+ Added
@stackbit/cms-git@0.0.6(transitive)+ Added
@stackbit/dev-common@0.0.6(transitive)- Removed
@stackbit/cms-core@0.0.5(transitive)- Removed
@stackbit/cms-git@0.0.5(transitive)- Removed
@stackbit/dev-common@0.0.5(transitive)Updated
@stackbit/cms-core@^0.0.6Updated
@stackbit/dev-common@^0.0.6