cfpb-chart-builder
Advanced tools
cfpb-chart-builder - npm Package Compare versions
Comparing version 4.0.1 to 4.0.2
| { | ||
| "name": "cfpb-chart-builder", | ||
| "version": "4.0.1", | ||
| "version": "4.0.2", | ||
| "description": "Charts for the Consumer Financial Protection Bureau", | ||
@@ -42,3 +42,3 @@ "main": "src/js/index.js", | ||
| "highcharts": "https://github.com/cfpb/highcharts-dist#fix-missing-plotline-label", | ||
| "xdr": "github:contolini/xdr" | ||
| "xdr": "https://github.com/contolini/xdr" | ||
| }, | ||
@@ -45,0 +45,0 @@ "devDependencies": { |
New alerts
HTTP dependency
Supply chain riskContains a dependency which resolves to a remote HTTP URL which could be used to inject untrusted code and reduce overall package reliability.
Found 1 instance in 1 package
Manifest confusion
Supply chain riskThis package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.
Found 1 instance in 1 package
Fixed alerts
GitHub dependency
Supply chain riskContains a dependency which resolves to a GitHub URL. Dependencies fetched from GitHub specifiers are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by108.07%
4383021
- Number of package files
- increased by7.37%
102
- Lines of code
- increased by29.45%
41017
Worsened metrics
- Number of low supply chain risk alerts
- increased by100%
8
- Number of medium supply chain risk alerts
- increased by33.33%
4