New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details →
@stdlib/string-base-capitalize
Advanced tools
@stdlib/string-base-capitalize - npm Package Compare versions
+3
-3
| { | ||
| "name": "@stdlib/string-base-capitalize", | ||
| "version": "0.1.0", | ||
| "version": "0.1.1", | ||
| "description": "Capitalize the first character in a string.", | ||
@@ -41,4 +41,4 @@ "license": "Apache-2.0", | ||
| "devDependencies": { | ||
| "@stdlib/assert-is-string": "^0.0.8", | ||
| "@stdlib/bench": "^0.0.12", | ||
| "@stdlib/assert-is-string": "^0.1.0", | ||
| "@stdlib/bench": "^0.1.0", | ||
| "tape": "git+https://github.com/kgryte/tape.git#fix/globby", | ||
@@ -45,0 +45,0 @@ "istanbul": "^0.4.1", |
+2
-2
@@ -145,4 +145,4 @@ <!-- | ||
| [test-image]: https://github.com/stdlib-js/string-base-capitalize/actions/workflows/test.yml/badge.svg?branch=v0.1.0 | ||
| [test-url]: https://github.com/stdlib-js/string-base-capitalize/actions/workflows/test.yml?query=branch:v0.1.0 | ||
| [test-image]: https://github.com/stdlib-js/string-base-capitalize/actions/workflows/test.yml/badge.svg?branch=v0.1.1 | ||
| [test-url]: https://github.com/stdlib-js/string-base-capitalize/actions/workflows/test.yml?query=branch:v0.1.1 | ||
@@ -149,0 +149,0 @@ [coverage-image]: https://img.shields.io/codecov/c/github/stdlib-js/string-base-capitalize/main.svg |
Fixed alerts
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Improved metrics
- Number of medium supply chain risk alerts
0
-100%Worsened metrics
- Total package byte prevSize
25095
0No dependency changes