@vercel/ruby
Advanced tools
@vercel/ruby - npm Package Compare versions
+5
-4
| { | ||
| "name": "@vercel/ruby", | ||
| "author": "Nathan Cahill <nathan@nathancahill.com>", | ||
| "version": "1.3.5", | ||
| "version": "1.3.6-canary.0", | ||
| "license": "MIT", | ||
@@ -19,3 +19,4 @@ "main": "./dist/index", | ||
| "build": "node build", | ||
| "test-integration-once": "jest --env node --verbose --runInBand --bail", | ||
| "test": "jest --env node --verbose --runInBand --bail", | ||
| "test-integration-once": "yarn test", | ||
| "prepublishOnly": "node build" | ||
@@ -26,3 +27,3 @@ }, | ||
| "@types/semver": "6.0.0", | ||
| "@vercel/build-utils": "3.0.1", | ||
| "@vercel/build-utils": "3.0.2-canary.0", | ||
| "@vercel/ncc": "0.24.0", | ||
@@ -34,3 +35,3 @@ "execa": "2.0.4", | ||
| }, | ||
| "gitHead": "5e66d4b2ccd80a7e6a21d53cf4be3b11f2861513" | ||
| "gitHead": "f26858b735ad5d54e01afa67133b9f9456fbe72f" | ||
| } |
New alerts
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 9 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
No v1
QualityPackage is not semver >=1. This means it is not stable and does not support ^ ranges.
Found 1 instance in 1 package
Fixed alerts
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 9 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
244431
0.02%Worsened metrics
- Number of low quality alerts
1
Infinity%