web3-utils - npm Package Compare versions

Comparing version 1.2.2 to 1.2.3

package.json

 {
     "name": "web3-utils",
-    "version": "1.2.2",
+    "version": "1.2.3",
     "description": "Collection of utility functions used in web3.js.",
@@ -28,3 +28,4 @@ "repository": "https://github.com/ethereum/web3.js/tree/1.x/packages/web3-utils",
         "dtslint": "0.4.2"
-    }
+    },
+    "gitHead": "aca6a78b6c8182f175aa059e7ad359f109ec7a84"
 }

types/index.d.ts

@@ -233,2 +233,3 @@ /*
 	components?: AbiOutput[];
+    internalType?: string;
 }

New alerts

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Copyleft License

License

(Experimental) Copyleft license information was found

Found 1 instance in 1 package

SPDX disjunction

License

SPDX disjunction for an artifact's license information

Found 1 instance in 1 package

Mixed license

License

(Experimental) Package contains multiple licenses.

Found 1 instance in 1 package

Non-permissive License

License

(Experimental) A license not known to be considered permissive was found

Found 1 instance in 1 package

Unidentified License

License

(Experimental) Something that seems like a license was found, but its contents could not be matched with a known license

Found 1 instance in 1 package

Fixed alerts

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses eval() which is a dangerous function. This prevents the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Copyleft License

License

(Experimental) Copyleft license information was found

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

SPDX disjunction

License

SPDX disjunction for an artifact's license information

Found 1 instance in 1 package

Non-permissive License

License

(Experimental) A license not known to be considered permissive was found

Found 1 instance in 1 package

Improved metrics

Number of low supply chain risk alerts

1

decreased by-80%

Number of medium supply chain risk alerts

1

decreased by-50%

Worsened metrics

Total package byte prevSize

117164

decreased by-88.76%

Number of package files

60

decreased by-1.64%

Number of low license alerts

5

increased by66.67%

Lines of code

3349

decreased by-79.46%

No dependency changes