arbundles
Advanced tools
Comparing version 0.6.14 to 0.6.15
{ | ||
"name": "arbundles", | ||
"version": "0.6.14", | ||
"version": "0.6.15", | ||
"description": "Arweave bundling library", | ||
@@ -62,3 +62,3 @@ "author": "Josh Benaron <joshbenaron@gmail.com>", | ||
"arweave-stream-tx": "^1.1.0", | ||
"avsc": "git://github.com/JesseTheRobot/avsc#csp-fixes", | ||
"avsc": "https://github.com/Bundlr-Network/avsc#csp-fixes", | ||
"axios": "^0.21.3", | ||
@@ -65,0 +65,0 @@ "base64url": "^3.0.1", |
HTTP dependency
Supply chain riskContains a dependency which resolves to a remote HTTP URL which could be used to inject untrusted code and reduce overall package reliability.
Found 1 instance in 1 package
Git dependency
Supply chain riskContains a dependency which resolves to a remote git URL. Dependencies fetched from git URLs are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.
Found 1 instance in 1 package
Deprecated
MaintenanceThe maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed.
Found 1 instance in 1 package
214037
0