add-basic-auth - npm Package Compare versions

Comparing version 1.1.5 to 1.1.6

index.js

@@ -10,2 +10,4 @@ #!/usr/bin/env node
   .default('listenPort', 80)
+  .default('username', process.env.PROXY_USERNAME)
+  .default('password', process.env.PROXY_PASSWORD)
   .example(
@@ -12,0 +14,0 @@ 'add-basic-auth --listenPort 3001 --username foo --password bar --target http://brekken.com'

package.json

 {
   "name": "add-basic-auth",
-  "version": "1.1.5",
+  "version": "1.1.6",
   "description": "Protect a resource with basic auth",
@@ -5,0 +5,0 @@ "bin": {

README.md

@@ -17,4 +17,4 @@ # add-basic-auth
   --listenPort                                          [required] [default: 80]
-  --username                                                          [required]
-  --password                                                          [required]
+  --username                    [required] [default: process.env.PROXY_USERNAME]
+  --password                    [required] [default: process.env.PROXY_PASSWORD]
   --targetPort                                                     [default: 80]
@@ -21,0 +21,0 @@

New alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 2 instances in 1 package

Improved metrics

Total package byte prevSize

4174

2.5%

Lines of code

52

4%

Worsened metrics

Number of low supply chain risk alerts

2

Infinity%

No dependency changes