New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
node-jq - npm Package Compare versions
Comparing version 3.0.0 to 4.0.0
| { | ||
| "name": "node-jq", | ||
| "version": "3.0.0", | ||
| "version": "4.0.0", | ||
| "description": "Run jq in node", | ||
@@ -25,3 +25,3 @@ "main": "lib/jq.js", | ||
| "engines": { | ||
| "node": ">=12" | ||
| "node": ">=16" | ||
| }, | ||
@@ -60,4 +60,6 @@ "keywords": [ | ||
| "@arkweid/lefthook": "^0.7.7", | ||
| "@semantic-release/changelog": "^6.0.1", | ||
| "@semantic-release/git": "^10.0.1", | ||
| "@semantic-release/changelog": "^6.0.3", | ||
| "@semantic-release/commit-analyzer": "^10.0.1", | ||
| "@semantic-release/npm": "^10.0.4", | ||
| "@semantic-release/release-notes-generator": "^11.0.4", | ||
| "@swc-node/register": "^1.4.0", | ||
@@ -71,3 +73,3 @@ "@swc/cli": "^0.1.57", | ||
| "nyc": "^15.1.0", | ||
| "semantic-release": "^19.0.2", | ||
| "semantic-release": "^21.0.7", | ||
| "snazzy": "^9.0.0", | ||
@@ -74,0 +76,0 @@ "standard": "^17.0.0", |
Fixed alerts
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Improved metrics
- Number of low supply chain risk alerts
- decreased by-10%
9
- Number of medium supply chain risk alerts
- decreased by-50%
1
Worsened metrics
- Total package byte prevSize
- decreased by-1.36%
1140463
- Dev dependency count
- increased by13.33%
17
- Number of package files
- decreased by-26.32%
28
- Lines of code
- decreased by-11.9%
3103
No dependency changes