limitd-client - npm Package Compare versions

Comparing version 2.1.3 to 2.1.4

package.json

 {
   "name": "limitd-client",
-  "version": "2.1.3",
+  "version": "2.1.4",
   "description": "limitd client for node.js",
@@ -15,3 +15,3 @@ "main": "index.js",
     "length-prefixed-stream": "~1.4.0",
-    "limitd-protocol": "limitd/protocol#v1.6.2",
+    "limitd-protocol": "limitd/protocol#v1.6.4",
     "lodash": "~3.7.0",
@@ -18,0 +18,0 @@ "murmurhash3js": "^3.0.1",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

GitHub dependency

Supply chain risk

Contains a dependency which resolves to a GitHub URL. Dependencies fetched from GitHub specifiers are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.

Found 1 instance in 1 package

Manifest confusion

Supply chain risk

This package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

GitHub dependency

Supply chain risk

Contains a dependency which resolves to a GitHub URL. Dependencies fetched from GitHub specifiers are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.

Found 1 instance in 1 package

Manifest confusion

Supply chain risk

This package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.

Found 1 instance in 1 package

No metric changes

Dependency changes

• Updatedlimitd-protocol@limitd/protocol#v1.6.4