google-auth-library
Advanced tools
google-auth-library - npm Package Compare versions
+3
-3
| { | ||
| "name": "google-auth-library", | ||
| "version": "10.2.0", | ||
| "version": "10.2.1", | ||
| "author": "Google Inc.", | ||
@@ -56,3 +56,3 @@ "description": "Google APIs Authentication Client Library for Node.js", | ||
| "ncp": "^2.0.0", | ||
| "nock": "^14.0.1", | ||
| "nock": "14.0.5", | ||
| "null-loader": "^4.0.0", | ||
@@ -62,3 +62,3 @@ "puppeteer": "^24.0.0", | ||
| "ts-loader": "^8.0.0", | ||
| "typescript": "^5.1.6", | ||
| "typescript": "5.8.2", | ||
| "webpack": "^5.21.2", | ||
@@ -65,0 +65,0 @@ "webpack-cli": "^4.0.0" |
New alerts
Network access
Supply chain riskThis module accesses the network.
Found 2 instances in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 21 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Fixed alerts
Network access
Supply chain riskThis module accesses the network.
Found 2 instances in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 21 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
AI-detected potential code anomaly
Supply chain riskAI has identified unusual behaviors that may pose a security risk.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Improved metrics
- Number of low supply chain risk alerts
54
-1.82%Worsened metrics
- Total package byte prevSize
542687
0