minipass-fetch
Advanced tools
Comparing version 2.0.1 to 2.0.2
@@ -241,3 +241,3 @@ 'use strict' | ||
| hostname: parsedURL.hostname, | ||
| path: parsedURL.pathname, | ||
| path: `${parsedURL.pathname}${parsedURL.search}`, | ||
| port: parsedURL.port, | ||
@@ -244,0 +244,0 @@ protocol: parsedURL.protocol, |
| { | ||
| "name": "minipass-fetch", | ||
| "version": "2.0.1", | ||
| "version": "2.0.2", | ||
| "description": "An implementation of window.fetch in Node.js using Minipass streams", | ||
@@ -5,0 +5,0 @@ "license": "MIT", |
New alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Fixed alerts
Deprecated
MaintenanceThe maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.05%
45406
- Number of high maintenance alerts
- decreased by-100%
0
- Number of low supply chain risk alerts
- decreased by-50%
1
- Number of medium supply chain risk alerts
- decreased by-8.33%
11