postcss-color-hex-alpha
Advanced tools
Comparing version 8.0.1 to 8.0.2
| # Changes to PostCSS Color Hex Alpha | ||
| ### 8.0.2 (January 2, 2022) | ||
| - Removed Sourcemaps from package tarball. | ||
| - Moved CLI to CLI Package. See [announcement](https://github.com/csstools/postcss-plugins/discussions/121). | ||
| ### 8.0.1 (December 16, 2021) | ||
@@ -4,0 +9,0 @@ |
| { | ||
| "name": "postcss-color-hex-alpha", | ||
| "version": "8.0.1", | ||
| "version": "8.0.2", | ||
| "description": "Use 4 & 8 character hex color notation in CSS", | ||
@@ -17,3 +17,2 @@ "author": "Jonathan Neal <jonathantneal@hotmail.com>", | ||
| "CHANGELOG.md", | ||
| "INSTALL.md", | ||
| "LICENSE.md", | ||
@@ -24,5 +23,2 @@ "README.md", | ||
| ], | ||
| "bin": { | ||
| "postcss-color-hex-alpha": "dist/cli.mjs" | ||
| }, | ||
| "scripts": { | ||
@@ -34,3 +30,4 @@ "build": "rollup -c ../../rollup/default.js", | ||
| "stryker": "stryker run --logLevel error", | ||
| "test": "postcss-tape --ci" | ||
| "test": "postcss-tape --ci && npm run test:exports", | ||
| "test:exports": "node ./test/_import.mjs && node ./test/_require.cjs" | ||
| }, | ||
@@ -37,0 +34,0 @@ "engines": { |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
New alerts
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Fixed alerts
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses eval() which is a dangerous function. This prevents the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 4 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Improved metrics
- Number of low supply chain risk alerts
- decreased by-100%
0
- Number of medium supply chain risk alerts
- decreased by-66.67%
1
Worsened metrics
- Total package byte prevSize
- decreased by-91.21%
9297
- Number of package files
- decreased by-36.36%
7
- Lines of code
- decreased by-94.24%
20