@vercel/build-utils - npm Package Compare versions

Comparing version 13.25.0 to 13.26.0

CHANGELOG.md

 # @vercel/build-utils
 
+## 13.26.0
+
+### Minor Changes
+
+- 137e5d1: Allow builder V2 to expose startDevServer.
+
+### Patch Changes
+
+- bb61428: Include framework slug in output/config.json
+
 ## 13.25.0
@@ -4,0 +14,0 @@

dist/types.d.ts

@@ -416,2 +416,3 @@ import type FileRef from './file-ref';
     shouldServe?: ShouldServe;
+    startDevServer?: StartDevServer;
 }
@@ -578,2 +579,3 @@ export interface BuilderV3 {
     framework?: {
+        slug: string;
         version: string;
@@ -580,0 +582,0 @@ };

package.json

 {
   "name": "@vercel/build-utils",
-  "version": "13.25.0",
+  "version": "13.26.0",
   "license": "Apache-2.0",
@@ -5,0 +5,0 @@ "main": "./dist/index.js",

New alerts

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 11 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 3 instances in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Fixed alerts

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 11 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 3 instances in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

1999732

0.01%

Lines of code

51308

0

No dependency changes