@userfront/react
Advanced tools
@userfront/react - npm Package Compare versions
+2
-2
| { | ||
| "name": "@userfront/react", | ||
| "version": "1.0.0-alpha.15", | ||
| "version": "1.0.0-alpha.16", | ||
| "description": "React bindings and components for authentication with Userfront", | ||
@@ -42,3 +42,3 @@ "type": "module", | ||
| "@react-hook/resize-observer": "^1.2.6", | ||
| "@userfront/core": "^0.5.8", | ||
| "@userfront/core": "^0.6.5-beta.1", | ||
| "@xstate/react": "3.0.1", | ||
@@ -45,0 +45,0 @@ "lodash": "^4.17.21", |
New alerts
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
Fixed alerts
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
929728
0Dependency changes
+ Added
@userfront/core@0.6.8(transitive)+ Added
async-function@1.0.0(transitive)+ Added
async-generator-function@1.0.0(transitive)+ Added
asynckit@0.4.0(transitive)+ Added
axios@1.15.0(transitive)+ Added
call-bind-apply-helpers@1.0.2(transitive)+ Added
combined-stream@1.0.8(transitive)+ Added
delayed-stream@1.0.0(transitive)+ Added
dunder-proto@1.0.1(transitive)+ Added
es-define-property@1.0.1(transitive)+ Added
es-errors@1.3.0(transitive)+ Added
es-object-atoms@1.1.1(transitive)+ Added
es-set-tostringtag@2.1.0(transitive)+ Added
form-data@4.0.5(transitive)+ Added
function-bind@1.1.2(transitive)+ Added
generator-function@2.0.1(transitive)+ Added
get-intrinsic@1.3.1(transitive)+ Added
get-proto@1.0.1(transitive)+ Added
gopd@1.2.0(transitive)+ Added
has-symbols@1.1.0(transitive)+ Added
has-tostringtag@1.0.2(transitive)+ Added
hasown@2.0.2(transitive)+ Added
math-intrinsics@1.1.0(transitive)+ Added
mime-db@1.52.0(transitive)+ Added
mime-types@2.1.35(transitive)+ Added
proxy-from-env@2.1.0(transitive)- Removed
@userfront/core@0.5.8(transitive)- Removed
axios@0.21.4(transitive)