bower-npm-install
Advanced tools
Comparing version
{ | ||
"name": "bower-npm-install", | ||
"version": "0.5.0", | ||
"version": "0.5.1", | ||
"homepage": "http://github.com/arikon/bower-npm-install", | ||
@@ -26,3 +26,3 @@ "author": "Sergey Belov <peimei@ya.ru> (http://github.com/arikon)", | ||
"update-notifier": "~0.1.3", | ||
"byline": "git://github.com/SevInf/node-byline.git#72778f6d356f5f3dc17122fd00df747daf02d693" | ||
"byline": "git://github.com/SevInf/node-byline.git#2c546e682d503667ead0001090ecb9f27f62d928" | ||
}, | ||
@@ -29,0 +29,0 @@ "peerDependencies": { |
Git dependency
Supply chain riskContains a dependency which resolves to a remote git URL. Dependencies fetched from git URLs are not immutable and can be used to inject untrusted code or reduce the likelihood of a reproducible install.
Found 1 instance in 1 package
Git dependency
Supply chain riskContains a dependency which resolves to a remote git URL. Dependencies fetched from git URLs are not immutable and can be used to inject untrusted code or reduce the likelihood of a reproducible install.
Found 1 instance in 1 package