slack-webhooks-handler - npm Package Compare versions

Comparing version 1.0.1 to 1.0.2

package.json

 {
   "name": "slack-webhooks-handler",
-  "version": "1.0.1",
+  "version": "1.0.2",
   "description": "Manage incoming webhooks to send messages to Slack",
@@ -36,17 +36,17 @@ "author": "Tony Di Benedetto <tonyblast@gmail.com>",
   "dependencies": {
-    "@slack/client": "^4.8.0"
+    "@slack/client": "^4.11.0"
   },
   "devDependencies": {
-    "@babel/cli": "^7.1.2",
-    "@babel/core": "^7.1.2",
-    "@babel/plugin-proposal-object-rest-spread": "^7.0.0",
-    "@babel/preset-env": "^7.1.0",
+    "@babel/cli": "^7.2.3",
+    "@babel/core": "^7.3.4",
+    "@babel/plugin-proposal-object-rest-spread": "^7.3.4",
+    "@babel/preset-env": "^7.3.4",
     "babel-core": "7.0.0-bridge.0",
-    "babel-jest": "^23.6.0",
-    "commitizen": "^3.0.4",
-    "coveralls": "^3.0.2",
+    "babel-jest": "^24.3.1",
+    "commitizen": "^3.0.7",
+    "coveralls": "^3.0.3",
     "cz-conventional-changelog": "^2.1.0",
-    "eslint": "^5.7.0",
-    "husky": "^1.1.2",
-    "jest": "^23.6.0"
+    "eslint": "^5.15.1",
+    "husky": "^1.3.1",
+    "jest": "^24.3.1"
   },
@@ -53,0 +53,0 @@ "config": {

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 2 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

23044

increased by115.91%

Number of package files

23

increased by155.56%

Lines of code

428

increased by131.35%

Worsened metrics

Number of low supply chain risk alerts

3

increased byInfinity%

Number of medium supply chain risk alerts

2

increased byInfinity%

Dependency changes

• Updated@slack/client@^4.11.0