@xfers/xfers-components - npm Package Compare versions

Comparing version 1.0.1 to 1.0.2

package.json

 {
   "name": "@xfers/xfers-components",
-  "version": "1.0.1",
+  "version": "1.0.2",
   "description": "This package includes all the UI components used to build Xfers SDK and website, as well as a wrapper for Xfers APIs.",
@@ -5,0 +5,0 @@ "main": "./dist/xfers-components.bundle.js",

New alerts

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Network access

Supply chain risk

This module accesses the network.

Found 2 instances in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Fixed alerts

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

8134721

increased by13.79%

Number of package files

241

increased by0.42%

Lines of code

25924

increased by542.48%

Worsened metrics

Number of low supply chain risk alerts

17

increased by1600%

Number of medium supply chain risk alerts

4

increased by300%

No dependency changes