@travetto/config - npm Package Compare versions

Comparing version 0.0.17 to 0.0.18

package.json

@@ -9,3 +9,3 @@ {
     "@types/js-yaml": "^3.10.1", 
-    "js-yaml": "https://github.com/arciisine/js-yaml.git"
+    "js-yaml": "https://github.com/arciisine/js-yaml.git#3.11.0"
   }, 
@@ -20,3 +20,3 @@ "description": "",
   "scripts": {}, 
-  "version": "0.0.17"
+  "version": "0.0.18"
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

HTTP dependency

Supply chain risk

Contains a dependency which resolves to a remote HTTP URL which could be used to inject untrusted code and reduce overall package reliability.

Found 1 instance in 1 package

Manifest confusion

Supply chain risk

This package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

HTTP dependency

Supply chain risk

Contains a dependency which resolves to a remote HTTP URL which could be used to inject untrusted code and reduce overall package reliability.

Found 1 instance in 1 package

Manifest confusion

Supply chain risk

This package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

7676

increased by0.09%

Dependency changes

• Updatedjs-yaml@https://github.com/arciisine/js-yaml.git#3.11.0