New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details →
@synstack/reforge
Advanced tools
@synstack/reforge - npm Package Compare versions
+7
-7
@@ -7,3 +7,3 @@ { | ||
| }, | ||
| "version": "1.7.1", | ||
| "version": "1.8.0", | ||
| "description": "Runtime tools for interactive DevX with the ReForge IDE extension", | ||
@@ -61,12 +61,12 @@ "keywords": [ | ||
| "dependencies": { | ||
| "@synstack/json": "1.1.7", | ||
| "@synstack/json": "1.1.8", | ||
| "pako": "^2.1.0" | ||
| }, | ||
| "devDependencies": { | ||
| "@types/node": "^22.10.1", | ||
| "@types/node": "^22.15.17", | ||
| "@types/pako": "^2.0.3", | ||
| "@types/vscode": "^1.97.0", | ||
| "@types/vscode": "^1.100.0", | ||
| "tsup": "^8.4.0", | ||
| "typescript": "^5.8.2", | ||
| "zod": "^3.24.2" | ||
| "typescript": "^5.8.3", | ||
| "zod": "^3.24.4" | ||
| }, | ||
@@ -81,3 +81,3 @@ "files": [ | ||
| }, | ||
| "gitHead": "4aae6e86f7664e5b928ecb3a492ec035307168d1" | ||
| "gitHead": "4bf0bcaecdadd27ce3fe78ae0ce32ae1d09f0a24" | ||
| } |
New alerts
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Fixed alerts
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
229833
0Dependency changes
+ Added
@synstack/json@1.1.8(transitive)- Removed
@synstack/json@1.1.7(transitive)Updated
@synstack/json@1.1.8