highlight.run - npm Package Compare versions

Comparing version 1.0.11 to 1.0.12

package.json

 {
     "name": "highlight.run",
-    "version": "1.0.11",
+    "version": "1.0.12",
     "scripts": {
@@ -5,0 +5,0 @@ "build": "webpack",

New alerts

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Fixed alerts

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 2 instances in 1 package

Improved metrics

Number of low supply chain risk alerts

1

decreased by-96.15%

Number of medium supply chain risk alerts

1

decreased by-50%

Worsened metrics

Total package byte prevSize

3019

decreased by-99.17%

Number of package files

4

decreased by-33.33%

Lines of code

94

decreased by-98.93%

No dependency changes