Comparing version 0.1.2 to 0.1.3
@@ -15,3 +15,3 @@ { | ||
], | ||
"version": "0.1.2", | ||
"version": "0.1.3", | ||
"homepage": "http://github.com/benjamn/recast", | ||
@@ -27,3 +27,3 @@ "repository": { | ||
"dependencies": { | ||
"esprima": "git://github.com/ariya/esprima.git#master" | ||
"esprima": "git://github.com/benjamn/esprima.git#master" | ||
}, | ||
@@ -30,0 +30,0 @@ "devDependencies": {}, |
Git dependency
Supply chain riskContains a dependency which resolves to a remote git URL. Dependencies fetched from git URLs are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.
Found 1 instance in 1 package
Git dependency
Supply chain riskContains a dependency which resolves to a remote git URL. Dependencies fetched from git URLs are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.
Found 1 instance in 1 package
65385