abl-utils - npm Package Compare versions
Comparing version 1.0.4 to 1.0.5
| { | ||
| "name": "abl-utils", | ||
| "title": "ABL - utils", | ||
| "version": "1.0.4", | ||
| "version": "1.0.5", | ||
| "license": "MIT", | ||
@@ -26,3 +26,3 @@ "description": "description", | ||
| "abl-constants": "git+ssh://github.com/bucket-list/constants.git#v0.3.1", | ||
| "abl-lang": "git+ssh://github.com/bucket-list/lang.git#v0.3.13", | ||
| "abl-lang": "git+ssh://github.com/bucket-list/lang.git#v0.3.14", | ||
| "debug": "2.2.0", | ||
@@ -29,0 +29,0 @@ "lodash": "4.11.2", |
New alerts
Possible typosquat attack
Supply chain riskThere is a package with a similar name that is downloaded much more often.
| Did you mean |
|---|
xml-utils |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Git dependency
Supply chain riskContains a dependency which resolves to a remote git URL. Dependencies fetched from git URLs are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.
Found 1 instance in 1 package
Manifest confusion
Supply chain riskThis package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Git dependency
Supply chain riskContains a dependency which resolves to a remote git URL. Dependencies fetched from git URLs are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.
Found 1 instance in 1 package
Manifest confusion
Supply chain riskThis package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.
Found 1 instance in 1 package
Worsened metrics
- Number of critical supply chain risk alerts
- increased byInfinity%
1