New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@tartine/common
Advanced tools
@tartine/common - npm Package Compare versions
Comparing version 1.0.4 to 1.0.5
| { | ||
| "name": "@tartine/common", | ||
| "version": "1.0.4", | ||
| "version": "1.0.5", | ||
| "description": "Nothing but commons", | ||
@@ -19,3 +19,5 @@ "main": "./dist/index.js", | ||
| "devDependencies": { | ||
| "@types/cookie": "^0.4.1", | ||
| "@types/cookie-session": "^2.0.42", | ||
| "@types/cookie-signature": "^1.0.3", | ||
| "@types/express": "^4.17.12", | ||
@@ -27,3 +29,5 @@ "@types/jsonwebtoken": "^8.5.1", | ||
| "dependencies": { | ||
| "cookie": "^0.4.0", | ||
| "cookie-session": "^1.4.0", | ||
| "cookie-signature": "^1.0.6", | ||
| "express": "^4.17.1", | ||
@@ -30,0 +34,0 @@ "express-validator": "^6.12.0", |
New alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
Improved metrics
- Total package byte prevSize
- increased by6.59%
31233
- Number of package files
- increased by3.57%
58
- Lines of code
- increased by6.72%
778
Worsened metrics
- Dependency count
- increased by40%
7
- Dev dependency count
- increased by40%
7
- Number of low supply chain risk alerts
- increased by100%
4
Dependency changes
+ Addedcookie@^0.4.0
+ Addedcookie-signature@^1.0.6
+ Addedcookie@0.4.2(transitive)
+ Addedcookie-signature@1.2.2(transitive)
+ Addedobject-inspect@1.13.3(transitive)
- Removedobject-inspect@1.13.4(transitive)