boost - npm Package Compare versions
Comparing version 0.60.3 to 0.60.4
| { | ||
| "name": "boost", | ||
| "version": "0.60.3", | ||
| "version": "0.60.4", | ||
| "description": "Robust pipeline for creating build tools that separate logic into routines and tasks.", | ||
@@ -26,3 +26,3 @@ "keywords": [ | ||
| "type": "beemo typescript --noEmit", | ||
| "prerelease": "yarn run build && yarn test", | ||
| "prerelease": "yarn test && yarn run build", | ||
| "release": "np --yolo --no-yarn" | ||
@@ -29,0 +29,0 @@ }, |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 3 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by44.24%
405870
- Number of package files
- increased by430.77%
69
- Lines of code
- increased by3895.4%
3476
Worsened metrics
- Number of low supply chain risk alerts
- increased byInfinity%
11
- Number of medium supply chain risk alerts
- increased byInfinity%
1