napi-postinstall
Advanced tools
+3
-4
| { | ||
| "name": "napi-postinstall", | ||
| "version": "0.3.0", | ||
| "version": "0.3.2", | ||
| "type": "commonjs", | ||
@@ -30,4 +30,3 @@ "description": "The `postinstall` script helper for handling native bindings in legacy `npm` versions", | ||
| "!**/*.tsbuildinfo" | ||
| ], | ||
| "packageManager": "npm@11.4.2+sha512.f90c1ec8b207b625d6edb6693aef23dacb39c38e4217fe8c46a973f119cab392ac0de23fe3f07e583188dae9fd9108b3845ad6f525b598742bd060ebad60bff3" | ||
| } | ||
| ] | ||
| } |
+1
-1
@@ -110,3 +110,3 @@ # napi-postinstall | ||
| module.exports = require('napi-postinstall/fallback')( | ||
| require.resolve('../package.json') /* <napi-package-json-path> */, | ||
| require.resolve('./package.json') /* <napi-package-json-path> */, | ||
| true /* <check-version> */, | ||
@@ -113,0 +113,0 @@ ) |
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
56283
-0.3%