kierannpmfolder
Advanced tools
kierannpmfolder - npm Package Compare versions
Comparing version 1.0.42 to 1.0.43
| { | ||
| "name": "kierannpmfolder", | ||
| "version": "1.0.42", | ||
| "version": "1.0.43", | ||
| "description": "", | ||
@@ -8,11 +8,8 @@ "main": "index.js", | ||
| "test": "echo \"Error: no test specified\" && exit 1", | ||
| "postpublish": " yarn set version 3.2.2 && git push && git push --tags ", | ||
| "release:patch": "yarn set version 1.22.19 && yarn config set version-tag-prefix id-idris-iframe- && yarn version --patch && yarn publish" | ||
| "postpublish": "git push && git push origin id-idris-iframe-$npm_package_version", | ||
| "set:tag": "git tag id-idris-iframe-$npm_package_version", | ||
| "release:patch": "yarn version patch && yarn run set:tag && npm publish " | ||
| }, | ||
| "author": "", | ||
| "license": "ISC", | ||
| "dependencies": { | ||
| "yarn": "3.2.2" | ||
| }, | ||
| "packageManager": "yarn@1.22.19" | ||
| "license": "ISC" | ||
| } |
New alerts
Native code
Supply chain riskContains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Debug access
Supply chain riskUses debug, reflection and dynamic code execution features.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
Improved metrics
- Dependency count
- decreased by-100%
0
- Number of package files
- increased by125%
9
- Lines of code
- increased by2200.87%
23860
Worsened metrics
- Total package byte prevSize
- decreased by-25.49%
3803311
- Number of low supply chain risk alerts
- increased by700%
8
- Number of medium supply chain risk alerts
- increased byInfinity%
2
Dependency changes
- Removedyarn@3.2.2