@stacks/common - npm Package Compare versions

Comparing version 7.1.3-pr.6 to 7.1.3-pr.7

package.json

 {
   "name": "@stacks/common",
-  "version": "7.1.3-pr.6+9ccc459d",
+  "version": "7.1.3-pr.7+a54d74ce",
   "description": "Common Stacks utilities",
@@ -47,3 +47,3 @@ "license": "MIT",
   },
-  "gitHead": "9ccc459d7201a49da03a8e3cd7ba59ada9dc5f50"
+  "gitHead": "a54d74ce4ed41ba32bde2be7bf7d6cdce00f5114"
 }

New alerts

Manifest confusion

Supply chain risk

This package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.

Found 1 instance in 1 package

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Fixed alerts

Manifest confusion

Supply chain risk

This package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.

Found 1 instance in 1 package

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

No metric changes

No dependency changes