New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details → →
react-inline-editing
Advanced tools
react-inline-editing - npm Package Compare versions
+1
-1
| { | ||
| "name": "react-inline-editing", | ||
| "version": "1.0.4", | ||
| "version": "1.0.5", | ||
| "description": "An inline, customizable and editable text component built in React.", | ||
@@ -5,0 +5,0 @@ "main": "./dist/main.bundle.js", |
New alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
Fixed alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
No metric changes
No dependency changes