electron-winstaller - npm Package Compare versions

Comparing version 4.0.2 to 5.0.0

package.json

 {
   "name": "electron-winstaller",
-  "version": "4.0.2",
+  "version": "5.0.0",
   "description": "Module to generate Windows installers for Electron apps",
@@ -13,2 +13,3 @@ "main": "lib/index.js",
   "scripts": {
+    "install": "node ./script/select-7z-arch.js",
     "build": "tsc",
@@ -15,0 +16,0 @@ "prepublish": "npm run build",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Install scripts

Supply chain risk

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Found 1 instance in 1 package

Native code

Supply chain risk

Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.

Found 4 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Native code

Supply chain risk

Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.

Found 3 instances in 1 package

Improved metrics

Total package byte prevSize

29967798

increased by13.66%

Number of package files

55

increased by5.77%

Lines of code

582

increased by3.37%

Worsened metrics

Number of high supply chain risk alerts

1

increased byInfinity%

Number of low supply chain risk alerts

2

increased by100%

Number of medium supply chain risk alerts

26

increased by4%

No dependency changes