@troveng/trov-web-config - npm Package Compare versions

Comparing version 1.0.0 to 1.0.1

package.json

 {
   "name": "@troveng/trov-web-config",
-  "version": "1.0.0",
+  "version": "1.0.1",
   "description": "Reusable configuration for trov web projects",
@@ -5,0 +5,0 @@ "engines": {

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 8 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

108097

increased by596.68%

Number of package files

64

increased by326.67%

Lines of code

2158

increased by2816.22%

Worsened metrics

Number of low supply chain risk alerts

18

increased by800%

Number of medium supply chain risk alerts

2

increased byInfinity%

No dependency changes