@vercel/ruby
Advanced tools
@vercel/ruby - npm Package Compare versions
+3
-3
| { | ||
| "name": "@vercel/ruby", | ||
| "author": "Nathan Cahill <nathan@nathancahill.com>", | ||
| "version": "2.2.2", | ||
| "version": "2.2.3", | ||
| "license": "Apache-2.0", | ||
@@ -22,3 +22,2 @@ "main": "./dist/index", | ||
| "@types/which": "3.0.0", | ||
| "@vercel/build-utils": "13.0.1", | ||
| "execa": "2.0.4", | ||
@@ -28,3 +27,4 @@ "fs-extra": "^7.0.1", | ||
| "semver": "6.3.1", | ||
| "which": "3.0.0" | ||
| "which": "3.0.0", | ||
| "@vercel/build-utils": "13.2.3" | ||
| }, | ||
@@ -31,0 +31,0 @@ "scripts": { |
New alerts
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 9 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
Fixed alerts
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 9 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package