eslint-mdx - npm Package Compare versions

Comparing version 2.0.0-next.4 to 2.0.0-next.5

package.json

 {
   "name": "eslint-mdx",
-  "version": "2.0.0-next.4",
+  "version": "2.0.0-next.5",
   "description": "ESLint Parser for MDX",
@@ -42,3 +42,3 @@ "repository": "git+https://github.com/mdx-js/eslint-mdx.git",
   },
-  "gitHead": "a4078f230a449cd953aa1229c198cd9fbe3f838f"
+  "gitHead": "dfa23d2c485fbd8049d46194da4233869fc5a4c0"
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Empty package

Supply chain risk

Package does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

83553

increased by694.31%

Number of package files

22

increased by633.33%

Lines of code

1089

increased byInfinity%

Worsened metrics

Number of low supply chain risk alerts

7

increased by600%

Number of medium supply chain risk alerts

3

increased by50%

No dependency changes