@uniformdev/cli - npm Package Compare versions

Comparing version 20.54.1-alpha.1 to 20.55.0

package.json

 {
   "name": "@uniformdev/cli",
-  "version": "20.54.1-alpha.1+028680cba4",
+  "version": "20.55.0",
   "description": "Uniform command line interface tool",
@@ -31,9 +31,9 @@ "license": "SEE LICENSE IN LICENSE.txt",
     "@thi.ng/mime": "^2.2.23",
-    "@uniformdev/assets": "20.54.1-alpha.1+028680cba4",
-    "@uniformdev/canvas": "20.54.1-alpha.1+028680cba4",
-    "@uniformdev/context": "20.54.1-alpha.1+028680cba4",
-    "@uniformdev/files": "20.54.1-alpha.1+028680cba4",
-    "@uniformdev/project-map": "20.54.1-alpha.1+028680cba4",
-    "@uniformdev/redirect": "20.54.1-alpha.1+028680cba4",
-    "@uniformdev/richtext": "20.54.1-alpha.1+028680cba4",
+    "@uniformdev/assets": "20.55.0",
+    "@uniformdev/canvas": "20.55.0",
+    "@uniformdev/context": "20.55.0",
+    "@uniformdev/files": "20.55.0",
+    "@uniformdev/project-map": "20.55.0",
+    "@uniformdev/redirect": "20.55.0",
+    "@uniformdev/richtext": "20.55.0",
     "call-bind": "^1.0.2",
@@ -85,3 +85,3 @@ "colorette": "2.0.20",
   },
-  "gitHead": "028680cba478a17da934cdb2ddebb777e2553455"
+  "gitHead": "ef21541bd262e454318a30372f90d22a06183b82"
 }

New alerts

Network access

Supply chain risk

This module accesses the network.

Found 3 instances in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 25 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 3 instances in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Fixed alerts

Manifest confusion

Supply chain risk

This package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.

Found 1 instance in 1 package

Network access

Supply chain risk

This module accesses the network.

Found 3 instances in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 25 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 3 instances in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Improved metrics

Lines of code

13586

0.02%

Number of low quality alerts

1

-50%

Number of medium supply chain risk alerts

206

-0.48%

Worsened metrics

Total package byte prevSize

467537

-0.01%

Number of low supply chain risk alerts

329

0.3%

Dependency changes

• + Added

  @uniformdev/assets@20.55.0
  (transitive)

• + Added

  @uniformdev/canvas@20.55.0
  (transitive)

• + Added

  @uniformdev/context@20.55.0
  (transitive)

• + Added

  @uniformdev/files@20.55.0
  (transitive)

• + Added

  @uniformdev/project-map@20.55.0
  (transitive)

• + Added

  @uniformdev/redirect@20.55.0
  (transitive)

• + Added

  @uniformdev/richtext@20.55.0
  (transitive)

• + Added

  dequal@2.0.3
  (transitive)

• + Added

  immer@10.1.3
  (transitive)

• + Added

  js-cookie@3.0.5
  (transitive)

• + Added

  p-limit@3.1.0
  (transitive)

• + Added

  rfdc@1.4.1
  (transitive)

• + Added

  yocto-queue@0.1.0
  (transitive)

• Updated

  @uniformdev/assets@20.55.0

• Updated

  @uniformdev/canvas@20.55.0

• Updated

  @uniformdev/context@20.55.0

• Updated

  @uniformdev/files@20.55.0

• Updated

  @uniformdev/project-map@20.55.0

• Updated

  @uniformdev/redirect@20.55.0

• Updated

  @uniformdev/richtext@20.55.0