New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
sats-connect
Advanced tools
sats-connect - npm Package Compare versions
Comparing version 0.1.7 to 0.1.8
| { | ||
| "name": "sats-connect", | ||
| "version": "0.1.7", | ||
| "version": "0.1.8", | ||
| "main": "dist/index.js", | ||
| "files": ["dist"], | ||
| "scripts": { | ||
@@ -9,3 +10,2 @@ "test": "jest", | ||
| "build": "npm run clean && tsc --module ES6 --outDir ./dist", | ||
| "postinstall": "npm run build", | ||
| "clean": "rimraf dist", | ||
@@ -12,0 +12,0 @@ "lint": "prettier --write ." |
Fixed alerts
Install scripts
Supply chain riskInstall scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.
Found 1 instance in 1 package
Debug access
Supply chain riskUses debug, reflection and dynamic code execution features.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by57.04%
42807
- Number of high supply chain risk alerts
- decreased by-100%
0
- Number of low supply chain risk alerts
- decreased by-100%
0
Worsened metrics
- Number of package files
- decreased by-32.26%
21
- Lines of code
- decreased by-42.62%
315
No dependency changes