tinker - npm Package Compare versions

Comparing version 0.0.2 to 0.0.3

package.json

 {
   "name": "tinker",
-  "version": "0.0.2",
+  "version": "0.0.3",
   "description": "Tinker with your bower and node modules!",
@@ -5,0 +5,0 @@ "main": "tinker.js",

README.md

@@ -29,3 +29,3 @@ tinker
 
-3. Start tinkering!
+3. Start tinkering! (copy .git folder or git clone)
 
@@ -47,3 +47,3 @@ ```
 
-5. Stop tinkering
+5. Stop tinkering! (remove .git folder or clean install)
 
@@ -50,0 +50,0 @@ ```

New alerts

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

1582210

increased by80.43%

Number of package files

166

increased by104.94%

Lines of code

18241

increased by10.44%

Worsened metrics

Number of low supply chain risk alerts

4

increased by33.33%

Number of medium supply chain risk alerts

1

increased byInfinity%

No dependency changes