zero - npm Package Compare versions
+4
-4
| { | ||
| "name": "zero", | ||
| "version": "1.1.18", | ||
| "version": "1.1.19", | ||
| "description": "", | ||
@@ -28,4 +28,4 @@ "main": "lib/index.js", | ||
| "yarn": ">=1.17.3", | ||
| "zero-builder-process": "^1.1.18", | ||
| "zero-builders-map": "^1.1.18", | ||
| "zero-builder-process": "^1.1.19", | ||
| "zero-builders-map": "^1.1.19", | ||
| "zero-dep-tree-js": "^1.1.17", | ||
@@ -39,3 +39,3 @@ "zero-handlers-map": "^1.1.17" | ||
| }, | ||
| "gitHead": "681ec5be7780eca63d67689859a7e1cacb54676c" | ||
| "gitHead": "0f7f870ba25169b5aee535756c8e7b03ff727ace" | ||
| } |
New alerts
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 13 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
Fixed alerts
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 13 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
Dependency changes
Updated
zero-builder-process@^1.1.19Updated
zero-builders-map@^1.1.19