cldr-data - npm Package Compare versions

Comparing version 30.0.3 to 30.0.4

install.js

@@ -83,3 +83,5 @@ /**
 
-  if (parentPackage["cldr-data-urls-json"]) {
+  if (process.env.CLDR_DATA_URLS_JSON) {
+    srcUrl = process.env.CLDR_DATA_URLS_JSON;
+  } else if (parentPackage && parentPackage["cldr-data-urls-json"]) {
     srcUrl = parentPackage["cldr-data-urls-json"];
@@ -90,3 +92,5 @@ } else {
 
-  if (parentPackage && parentPackage["cldr-data-coverage"] && (
+  if (process.env.CLDR_COVERAGE) {
+    coverage = process.env.CLDR_COVERAGE;
+  } else if (parentPackage && parentPackage["cldr-data-coverage"] && (
         (parentPackage.dependencies && parentPackage.dependencies["cldr-data"]) ||
@@ -98,6 +102,2 @@ (parentPackage.devDependencies && parentPackage.devDependencies["cldr-data"])
 
-  if (process.env.CLDR_COVERAGE) {
-    coverage = process.env.CLDR_COVERAGE;
-  }
-
   if (coverage) {
@@ -104,0 +104,0 @@ options.srcUrlKey = coverage;

package.json

 {
   "name": "cldr-data",
-  "version": "30.0.3",
+  "version": "30.0.4",
   "keywords": [
@@ -5,0 +5,0 @@ "unicode",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

17977

increased by0.63%

Lines of code

283

increased by0.35%

Worsened metrics

Number of low supply chain risk alerts

11

increased by22.22%

No dependency changes