heroku-client - npm Package Compare versions

Comparing version 2.4.1 to 2.4.2

lib/request.js

@@ -49,3 +49,4 @@ 'use strict';
         host: process.env.HEROKU_HTTP_PROXY_HOST,
-        port: process.env.HEROKU_HTTP_PROXY_PORT || 8080
+        port: process.env.HEROKU_HTTP_PROXY_PORT || 8080,
+        proxyAuth: process.env.HEROKU_HTTP_PROXY_AUTH
       }
@@ -52,0 +53,0 @@ });

package.json

 {
   "name": "heroku-client",
   "description": "A wrapper for the Heroku v3 API",
-  "version": "2.4.1",
+  "version": "2.4.2",
   "author": "Jonathan Clem",
@@ -6,0 +6,0 @@ "bugs": {

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

370470

increased by0.01%

Lines of code

11822

increased by0.01%

Worsened metrics

Number of low supply chain risk alerts

6

increased by20%

Number of medium supply chain risk alerts

5

increased by25%

No dependency changes