Skip to content

Update package.json #17

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Update package.json #17

wants to merge 2 commits into from

Conversation

jadoonf
Copy link
Owner

@jadoonf jadoonf commented Aug 8, 2023

No description provided.

@github-actions
Copy link

github-actions bot commented Aug 8, 2023
edited
Loading

listen.dev ∙ Security Report

critical 🚨 1 medium ⚠️ 3 low 🔷 4

🔍 The following behaviors have been detected in the dependency tree during installation

🚨 Critical severity
📑 1 category

  • 📑 Metadata ∙ 1 package
    • 📦 [email protected] ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • This package has inconsistent scripts in the tarball's package.json ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        request-promise-native 1.0.9 1 🔗
⚠️ Medium severity
🛡️🔎 2 categories

  • 🛡️ Advisories ∙ 1 package
    • 📦 [email protected] ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • Server-Side Request Forgery in Request ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        request 2.88.2 1 🔗
  • 🔎 Static analysis ∙ 2 packages
    • 📦 [email protected] ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • install script detected in package.json ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        uuid 3.4.0 1 🔗
    • 📦 [email protected] ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • install script detected in package.json ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        fsevents 1.2.13 1 🔗
🔷 Low severity
📑 1 category

  • 📑 Metadata ∙ 4 packages
    • 📦 [email protected] ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • This package version is 0.X.Y: the semver spec mandates those versions for initial development meaning that anything may change at any time and the public API of this package should not be considered stable. ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        urix 0.1.0 1 🔗
    • 📦 [email protected] ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • This package version is 0.X.Y: the semver spec mandates those versions for initial development meaning that anything may change at any time and the public API of this package should not be considered stable. ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        source-map-url 0.4.1 1 🔗
    • 📦 [email protected] ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • This package version is 0.X.Y: the semver spec mandates those versions for initial development meaning that anything may change at any time and the public API of this package should not be considered stable. ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        source-map-resolve 0.5.3 1 🔗
    • 📦 [email protected] ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • This package version is 0.X.Y: the semver spec mandates those versions for initial development meaning that anything may change at any time and the public API of this package should not be considered stable. ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        resolve-url 0.2.1 1 🔗

Powered by listen.dev

@jadoonf
Copy link
Owner Author

jadoonf commented Aug 8, 2023
edited
Loading

📊 Package size report   -3.17%↓

File Before After
package.json 904 B -34.4%↓593 B
Total (Includes all files) 9.8 kB -3.17%↓9.5 kB
Tarball size 3.7 kB -2.99%↓3.6 kB
Unchanged files
File Size
.github/workflows/explain.yml 736 B
.github/workflows/lstn.yml 319 B
.github/workflows/package-size-report.yml 536 B
.github/workflows/test/lstn-cli-workflow.yml 2.0 kB
.github/workflows/test/lstn-dynamic.yml 378 B
.github/workflows/test/lstn-policy.yml 334 B
index.js 28 B
README.md 3.4 kB
rules.yml 1.2 kB

🤖 This report was automatically generated by pkg-size-action

@jadoonf
Copy link
Owner Author

jadoonf commented Aug 8, 2023

listen.dev listen.dev ∙ Security Report

Critical Medium Low
Count 🚨 1 ⚠️ 3 🔷 4

🔍 The following behaviors have been detected in the dependency tree during installation

🚨 Critical severity

Categories
Count 📑 1

📑 Metadata - 1 package

📦 [email protected] - open 🔗
This package has inconsistent scripts in the tarball's package.json - 1 total occurrence
Name Version Transitive Dependency Occurrences More
request-promise-native 1.0.9 1 🔗

⚠️ Medium severity

Categories
Count 🛡️🔎 2

🛡️ Advisories - 1 package

📦 [email protected] - open 🔗
Server-Side Request Forgery in Request - 1 total occurrence
Name Version Transitive Dependency Occurrences More
request 2.88.2 1 🔗

🔎 Static analysis - 2 packages

📦 [email protected] - open 🔗
install script detected in package.json - 1 total occurrence
Name Version Transitive Dependency Occurrences More
uuid 3.4.0 1 🔗
📦 [email protected] - open 🔗
install script detected in package.json - 1 total occurrence
Name Version Transitive Dependency Occurrences More
fsevents 1.2.13 1 🔗

🔷 Low severity

Categories
Count 📑 1

📑 Metadata - 4 packages

📦 [email protected] - open 🔗
This package version is 0.X.Y: the semver spec mandates those versions for initial development meaning that anything may change at any time and the public API of this package should not be considered stable. - 1 total occurrence
Name Version Transitive Dependency Occurrences More
urix 0.1.0 1 🔗
📦 [email protected] - open 🔗
This package version is 0.X.Y: the semver spec mandates those versions for initial development meaning that anything may change at any time and the public API of this package should not be considered stable. - 1 total occurrence
Name Version Transitive Dependency Occurrences More
source-map-url 0.4.1 1 🔗
📦 [email protected] - open 🔗
This package version is 0.X.Y: the semver spec mandates those versions for initial development meaning that anything may change at any time and the public API of this package should not be considered stable. - 1 total occurrence
Name Version Transitive Dependency Occurrences More
source-map-resolve 0.5.3 1 🔗
📦 [email protected] - open 🔗
This package version is 0.X.Y: the semver spec mandates those versions for initial development meaning that anything may change at any time and the public API of this package should not be considered stable. - 1 total occurrence
Name Version Transitive Dependency Occurrences More
resolve-url 0.2.1 1 🔗

Powered by listen.dev listen.dev

@jadoonf
Copy link
Owner Author

jadoonf commented Aug 8, 2023

listen.dev listen.dev ∙ Security Report

Severity Count Packages
🚨 Critical 1 [email protected]
⚠️ Medium 3 [email protected], [email protected], [email protected]
🔷 Low 4 [email protected], [email protected], [email protected], [email protected]

@jadoonf
Copy link
Owner Author

jadoonf commented Aug 8, 2023

listen.dev listen.dev ∙ Security Report

🚨 Critical: 1 | ⚠️ Medium: 3 | 🔷 Low: 4

Critical Severity (1)

Medium Severity (3)

Low Severity (4)

Powered by listen.dev listen.dev

@jadoonf
Copy link
Owner Author

jadoonf commented Aug 8, 2023

listen.dev listen.dev ∙ Security Report

Click on the package names for more details.

🚨 Critical (1)

⚠️ Medium (3)

🔷 Low (4)

Powered by listen.dev listen.dev

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@jadoonf