@yarnpkg/pnp - npm Package Compare versions

Comparing version 4.0.0-rc.37 to 4.0.0-rc.38

package.json

 {
   "name": "@yarnpkg/pnp",
-  "version": "4.0.0-rc.37",
-  "stableVersion": "3.2.6",
+  "version": "4.0.0-rc.38",
+  "stableVersion": "3.3.0",
   "license": "BSD-2-Clause",
@@ -13,3 +13,3 @@ "main": "./lib/index.js",
     "@types/node": "^18.11.11",
-    "@yarnpkg/fslib": "^3.0.0-rc.37"
+    "@yarnpkg/fslib": "^3.0.0-rc.38"
   },
@@ -19,3 +19,4 @@ "devDependencies": {
     "@rollup/plugin-node-resolve": "^11.0.1",
-    "@yarnpkg/libzip": "^3.0.0-rc.37",
+    "@yarnpkg/libzip": "^3.0.0-rc.38",
+    "arg": "^5.0.2",
     "esbuild": "npm:esbuild-wasm@^0.15.15",
@@ -22,0 +23,0 @@ "resolve.exports": "^1.1.0",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

575179

increased by4.28%

Number of package files

39

increased by5.41%

Lines of code

8506

increased by8.16%

Worsened metrics

Dev dependency count

9

increased by12.5%

Number of low supply chain risk alerts

19

increased by18.75%

Dependency changes

• Updated@yarnpkg/fslib@^3.0.0-rc.38