http-call - npm Package Compare versions
Comparing version 4.0.7 to 4.0.8
| { | ||
| "name": "http-call", | ||
| "description": "make http requests", | ||
| "version": "4.0.7", | ||
| "version": "4.0.8", | ||
| "author": "Jeff Dickey @jdxcode", | ||
@@ -10,3 +10,3 @@ "bugs": "https://github.com/heroku/http-call/issues", | ||
| "debug": "^3.1.0", | ||
| "is-retry-allowed": "git+https://github.com/heroku/is-retry-allowed", | ||
| "is-retry-allowed": "^1.1.0", | ||
| "is-stream": "^1.1.0", | ||
@@ -13,0 +13,0 @@ "tslib": "^1.8.1", |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Git dependency
Supply chain riskContains a dependency which resolves to a remote git URL. Dependencies fetched from git URLs are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.
Found 1 instance in 1 package
Manifest confusion
Supply chain riskThis package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.
Found 1 instance in 1 package
Improved metrics
- Number of high supply chain risk alerts
- decreased by-100%
0
- Number of medium supply chain risk alerts
- decreased by-16.67%
5
Worsened metrics
- Total package byte prevSize
- decreased by-0.18%
21881
Dependency changes
+ Addedis-retry-allowed@1.2.0(transitive)
Updatedis-retry-allowed@^1.1.0