bitballoon - npm Package Compare versions

Comparing version 0.2.1 to 0.2.2

lib/site.js

@@ -182,6 +182,4 @@ var path = require("path"),
 
-    if (attributes.dir) {
-      createFromDir(this.client, attributes.dir, this.id, cb);
-    } else if (attributes.zip) {
-      createFromZip(this.client, attributes.zip, this.id, cb);
+    if (attributes.dir || attributes.zip) {
+      this.createDeploy(attributes, cb);
     } else {
@@ -188,0 +186,0 @@ this.client.update({model: Site, element: this, attributes: attributesForUpdate(attributes)}, cb);

package.json

@@ -5,3 +5,3 @@ {
   "description": "BitBalloon API client",
-  "version": "0.2.1",
+  "version": "0.2.2",
   "repository": {
@@ -8,0 +8,0 @@ "url": ""

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Debug access

Supply chain risk

Uses debug, reflection and dynamic code execution features.

Found 2 instances in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

409897

increased by20.43%

Lines of code

11632

increased by22.75%

Worsened metrics

Number of downloads

33

decreased by-56.58%

Number of low supply chain risk alerts

9

increased by125%

Number of medium supply chain risk alerts

6

increased by20%

No dependency changes