@uniformdev/canvas-commercetools - npm Package Compare versions

Comparing version 12.2.1-alpha.131 to 12.2.1-alpha.135

package.json

 {
   "name": "@uniformdev/canvas-commercetools",
-  "version": "12.2.1-alpha.131+5bf57bb5",
+  "version": "12.2.1-alpha.135+7a372e5f",
   "description": "commercetools data enhancers for Uniform Canvas",
@@ -28,3 +28,3 @@ "license": "SEE LICENSE IN LICENSE.txt",
   "dependencies": {
-    "@uniformdev/canvas": "^12.2.1-alpha.131+5bf57bb5"
+    "@uniformdev/canvas": "^12.2.1-alpha.135+7a372e5f"
   },
@@ -56,3 +56,3 @@ "peerDependencies": {
   },
-  "gitHead": "5bf57bb51f3e8726dce0db3269d34c51a19b9340"
+  "gitHead": "7a372e5f5dddf0b615e61d765f5545d0dc642216"
 }

New alerts

Manifest confusion

Supply chain risk

This package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.

Found 1 instance in 1 package

Fixed alerts

Manifest confusion

Supply chain risk

This package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Improved metrics

Number of medium supply chain risk alerts

1

decreased by-50%

Dependency changes

• Updated@uniformdev/canvas@^12.2.1-alpha.135+7a372e5f