New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@uniformdev/canvas-next
Advanced tools
@uniformdev/canvas-next - npm Package Compare versions
Comparing version 17.1.1-alpha.231 to 17.2.0
| { | ||
| "name": "@uniformdev/canvas-next", | ||
| "version": "17.1.1-alpha.231+6a4608662", | ||
| "version": "17.2.0", | ||
| "description": "Next.js SDK for Uniform Canvas", | ||
@@ -45,4 +45,4 @@ "license": "SEE LICENSE IN LICENSE.txt", | ||
| "dependencies": { | ||
| "@uniformdev/canvas": "^17.1.1-alpha.231+6a4608662", | ||
| "@uniformdev/canvas-react": "^17.1.1-alpha.231+6a4608662" | ||
| "@uniformdev/canvas": "^17.2.0", | ||
| "@uniformdev/canvas-react": "^17.2.0" | ||
| }, | ||
@@ -66,3 +66,3 @@ "peerDependencies": { | ||
| }, | ||
| "gitHead": "6a46086627e0ac9d6b37542e01dd01c3468331b7" | ||
| "gitHead": "18ea48d2d1da97733e9e3935e72bd61c665e180d" | ||
| } |
Fixed alerts
Manifest confusion
Supply chain riskThis package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
No v1
QualityPackage is not semver >=1. This means it is not stable and does not support ^ ranges.
Found 1 instance in 1 package
Improved metrics
- Number of low quality alerts
- decreased by-33.33%
2
- Number of medium supply chain risk alerts
- decreased by-100%
0
Worsened metrics
- Total package byte prevSize
- decreased by-0.54%
11096