fig-teams - npm Package Compare versions
Comparing version 1.4.4 to 2.1.0
| { | ||
| "name": "fig-teams", | ||
| "version": "1.4.4", | ||
| "version": "2.1.0", | ||
| "description": "", | ||
@@ -24,5 +24,6 @@ "main": "index.js", | ||
| "commander": "^8.1.0", | ||
| "conf": "^10.0.2", | ||
| "form-data-encoder": "^1.5.0", | ||
| "formdata-node": "^4.0.1", | ||
| "lodash.get": "^4.4.2", | ||
| "lodash.set": "^4.3.2", | ||
| "node-fetch": "^2.6.1", | ||
@@ -32,6 +33,8 @@ "yesno": "^0.3.1" | ||
| "devDependencies": { | ||
| "@types/lodash.get": "^4.4.6", | ||
| "@types/lodash.set": "^4.3.6", | ||
| "@types/node-fetch": "^2.5.12", | ||
| "esbuild": "^0.12.22", | ||
| "typescipt": "^1.0.0" | ||
| "typescript": "^4.4.3" | ||
| } | ||
| } |
Sorry, the diff of this file is too big to display
New alerts
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Fixed alerts
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 3 instances in 1 package
Improved metrics
- Number of low supply chain risk alerts
- decreased by-46.15%
7
Worsened metrics
- Total package byte prevSize
- decreased by-63.99%
101025
- Dependency count
- increased by12.5%
9
- Dev dependency count
- increased by66.67%
5
- Lines of code
- decreased by-62.9%
404
Dependency changes
+ Addedlodash.get@^4.4.2
+ Addedlodash.set@^4.3.2
+ Addedlodash.get@4.4.2(transitive)
+ Addedlodash.set@4.3.2(transitive)
- Removedconf@^10.0.2
- Removedajv@8.17.1(transitive)
- Removedajv-formats@2.1.1(transitive)
- Removedatomically@1.7.0(transitive)
- Removedconf@10.2.0(transitive)
- Removeddebounce-fn@4.0.0(transitive)
- Removeddot-prop@6.0.1(transitive)
- Removedenv-paths@2.2.1(transitive)
- Removedfast-deep-equal@3.1.3(transitive)
- Removedfast-uri@3.0.6(transitive)
- Removedfind-up@3.0.0(transitive)
- Removedis-obj@2.0.0(transitive)
- Removedjson-schema-traverse@1.0.0(transitive)
- Removedjson-schema-typed@7.0.3(transitive)
- Removedlocate-path@3.0.0(transitive)
- Removedmimic-fn@2.1.03.1.0(transitive)
- Removedonetime@5.1.2(transitive)
- Removedp-limit@2.3.0(transitive)
- Removedp-locate@3.0.0(transitive)
- Removedp-try@2.2.0(transitive)
- Removedpath-exists@3.0.0(transitive)
- Removedpkg-up@3.1.0(transitive)
- Removedrequire-from-string@2.0.2(transitive)
- Removedsemver@7.7.1(transitive)