@vercel/node
Advanced tools
@vercel/node - npm Package Compare versions
+15
-4
| { | ||
| "name": "@vercel/node", | ||
| "version": "1.15.1-canary.1", | ||
| "version": "1.15.1-canary.2", | ||
| "license": "MIT", | ||
@@ -15,3 +15,3 @@ "main": "./dist/index", | ||
| "test-integration-once": "jest --env node --verbose --runInBand --bail test/integration.test.js", | ||
| "test-unit": "jest --env node --verbose --bail test/prepare-cache.test.js", | ||
| "test-unit": "jest --env node --verbose --bail test/prepare-cache.test.ts", | ||
| "prepublishOnly": "node build" | ||
@@ -22,3 +22,14 @@ }, | ||
| ], | ||
| "jest": { | ||
| "preset": "ts-jest", | ||
| "testEnvironment": "node", | ||
| "globals": { | ||
| "ts-jest": { | ||
| "diagnostics": true, | ||
| "isolatedModules": true | ||
| } | ||
| } | ||
| }, | ||
| "dependencies": { | ||
| "@types/jest": "27.4.1", | ||
| "@types/node": "*", | ||
@@ -38,3 +49,3 @@ "@vercel/node-bridge": "2.2.1", | ||
| "@types/test-listen": "1.1.0", | ||
| "@vercel/build-utils": "2.16.1-canary.1", | ||
| "@vercel/build-utils": "2.16.1-canary.2", | ||
| "@vercel/ncc": "0.24.0", | ||
@@ -50,3 +61,3 @@ "@vercel/nft": "0.18.1", | ||
| }, | ||
| "gitHead": "f88c862e9d9d4ad385e54d5fecaa0306a6ed5612" | ||
| "gitHead": "d91bca7d6bc8066690c0db4b11990a354d13ebbd" | ||
| } |
New alerts
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 5 instances in 1 package
Fixed alerts
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 5 instances in 1 package
Improved metrics
- Total package byte prevSize
3122001
0.01%Worsened metrics
- Dependency count
5
25%Dependency changes
+ Added
@types/jest@27.4.1+ Added
@types/jest@27.4.1(transitive)+ Added
ansi-regex@5.0.1(transitive)+ Added
ansi-styles@4.3.05.2.0(transitive)+ Added
chalk@4.1.2(transitive)+ Added
color-convert@2.0.1(transitive)+ Added
color-name@1.1.4(transitive)+ Added
diff-sequences@27.5.1(transitive)+ Added
has-flag@4.0.0(transitive)+ Added
jest-diff@27.5.1(transitive)+ Added
jest-get-type@27.5.1(transitive)+ Added
jest-matcher-utils@27.5.1(transitive)+ Added
pretty-format@27.5.1(transitive)+ Added
react-is@17.0.2(transitive)+ Added
supports-color@7.2.0(transitive)