headfull - npm Package Compare versions

Comparing version 0.9.5 to 0.9.6

lib/find_chrome.js

@@ -6,3 +6,2 @@ "use strict";
 
-
 function win32(canary) {
@@ -14,3 +13,3 @@ const suffix = canary ?
   const prefixes = [
-    process.env.LOCALAPPDATA, process.env.PROGRAMFILES, process.env['PROGRAMFILES(X86)'], '/mnt/c/Program Files/', '/mnt/c/Program Files (x86)/'
+    process.env.LOCALAPPDATA, process.env.PROGRAMFILES, process.env.ProgramW6432, process.env['PROGRAMFILES(X86)'], '/mnt/c/Program Files/', '/mnt/c/Program Files (x86)/'
   ].filter(Boolean);
@@ -17,0 +16,0 @@

package.json

@@ -23,3 +23,3 @@ {
   },
-  "version": "0.9.5",
+  "version": "0.9.6",
   "name": "headfull",
@@ -26,0 +26,0 @@ "description": "[![Build Status](https://travis-ci.com/131/headfull.svg?branch=master)](https://travis-ci.com/131/headfull)\r [![Version](https://img.shields.io/npm/v/headfull.svg)](https://www.npmjs.com/package/headfull)\r [![License](https://img.shields.io/badge/license-MIT-blue.svg)](http://opensource.org/licenses/MIT)\r [![Code style](https://img.shields.io/badge/code%2fstyle-ivs-green.svg)](https://www.npmjs.com/package/eslint-plugin-ivs)",

New alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Fixed alerts

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

8026

increased by0.85%

Number of medium supply chain risk alerts

2

decreased by-33.33%

Worsened metrics

Number of low supply chain risk alerts

7

increased by16.67%

No dependency changes