8000 Update package.json by jadoonf · Pull Request #24 · jadoonf/sandbox · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

Update package.json #24

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
8000
from
Open

Update package.json #24

wants to merge 1 commit into from

Conversation

jadoonf
Copy link
Owner
@jadoonf jadoonf commented Aug 30, 2023

No description provided.

@jadoonf jadoonf closed this Sep 21, 2023
@jadoonf jadoonf reopened this Sep 21, 2023
Repository owner deleted a comment from github-actions bot Sep 21, 2023
@github-actions
Copy link

listen.dev ∙ Security Report

critical 🚨 8 medium ⚠️ 12 low 🔷 10

🔍 The following behaviors have been detected in the dependency tree during installation

🚨 Critical severity
📑🔀 2 categories

  • 📑 Metadata ∙ 4 packages
    • 📦 rollup@3.29.2 ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • This package has inconsistent dependencies in the tarball's package.json ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        rollup 3.29.2 1 🔗
    • 📦 google-closure-compiler@20230206.0.0 ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • This package has inconsistent dependencies in the tarball's package.json ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        google-closure-compiler 20230206.0.0 1 🔗
    • 📦 babel-plugin-syntax-trailing-function-commas@6.22.0 ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • This package has inconsistent scripts in the tarball's package.json ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        babel-plugin-syntax-trailing-function-commas 6.22.0 1 🔗
    • 📦 art@0.10.1 ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • This package has inconsistent scripts in the tarball's package.json ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        art 0.10.1 1 🔗
  • 🔀 Typosquatting ∙ 4 packages
    • 📦 random-seed@0.3.0 ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • The name of this package closely resembles other package names ("seed-random") which are popular on NPM: it might be a typosquatting attempt ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        random-seed 0.3.0 1 🔗
    • 📦 coffee-script@1.12.7 ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • The name of this package closely resembles other package names ("coffeescript") which are popular on NPM: it might be a typosquatting attempt ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        coffee-script 1.12.7 1 🔗
    • 📦 cli-table@0.3.11 ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • The name of this package closely resembles other package names ("cli-table3") which are popular on NPM: it might be a typosquatting attempt ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        cli-table 0.3.11 1 🔗
    • 📦 art@0.10.1 ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • The name of this package closely resembles other package names ("arg") which are popular on NPM: it might be a typosquatting attempt ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        art 0.10.1 1 🔗
⚠️ Medium severity
📡📑🔎 3 categories

  • 📡 Dynamic instrumentation ∙ 1 package
    • 📦 eslint-plugin-react@6.10.3 ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • npm install spawned a process ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        es5-ext 0.10.62 ✔️ 1 🔗
  • 📑 Metadata ∙ 1 package
    • 📦 jest-environment-jsdom@29.7.0 ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • This package has an empty description on the NPM registry: it might be the marker of a low quality package. ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        jest-environment-jsdom 29.7.0 1 🔗
  • 🔎 Static analysis ∙ 10 packages
    • 📦 yargs@15.4.1 ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • install script detected in package.json ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        yargs 15.4.1 1 🔗
    • 📦 web-streams-polyfill@3.2.1 ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • install script detected in package.json ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        web-streams-polyfill 3.2.1 1 🔗
    • 📦 typescript@3.9.10 ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • install script detected in package.json ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        typescript 3.9.10 1 🔗
    • 📦 rollup@3.29.2 ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • install script detected in package.json ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        rollup 3.29.2 1 🔗
    • 📦 eslint-plugin-jest@22.21.0 ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • install script detected in package.json ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        eslint-plugin-jest 22.21.0 1 🔗
    • 📦 error-stack-parser@2.1.4 ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • install script detected in package.json ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        error-stack-parser 2.1.4 1 🔗
    • 📦 abortcontroller-polyfill@1.7.5 ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • install script detected in package.json ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        abortcontroller-polyfill 1.7.5 1 🔗
    • 📦 @rollup/plugin-replace@5.0.2 ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • install script detected in package.json ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        @rollup/plugin-replace 5.0.2 1 🔗
    • 📦 @rollup/plugin-node-resolve@15.2.1 ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • install script detected in package.json ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        @rollup/plugin-node-resolve 15.2.1 1 🔗
    • 📦 @rollup/plugin-commonjs@24.1.0 ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • install script detected in package.json ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        @rollup/plugin-commonjs 24.1.0 1 🔗
🔷 Low severity
📑🔎 2 categories

  • 📑 Metadata ∙ 8 packages
    • 📦 tmp@0.1.0 ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • This package version is 0.X.Y: the semver spec mandates those versions for initial development meaning that anything may change at any time and the public API of this package should not be considered stable. ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        tmp 0.1.0 1 🔗
    • 📦 random-seed@0.3.0 ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • This package version is 0.X.Y: the semver spec mandates those versions for initial development meaning that anything may change at any time and the public API of this package should not be considered stable. ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        random-seed 0.3.0 1 🔗
    • 📦 mkdirp@0.5.6 ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • This package version is 0.X.Y: the semver spec mandates those versions for initial development meaning that anything may change at any time and the public API of this package should not be considered stable. ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        mkdirp 0.5.6 1 🔗
    • 📦 hermes-parser@0.15.1 ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • This package version is 0.X.Y: the semver spec mandates those versions for initial development meaning that anything may change at any time and the public API of this package should not be considered stable. ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        hermes-parser 0.15.1 1 🔗
    • 📦 hermes-eslint@0.15.1 ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • This package version is 0.X.Y: the semver spec mandates those versions for initial development meaning that anything may change at any time and the public API of this package should not be considered stable. ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        hermes-eslint 0.15.1 1 🔗
    • 📦 flow-bin@0.215.1 ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • This package version is 0.X.Y: the semver spec mandates those versions for initial development meaning that anything may change at any time and the public API of this package should not be considered stable. ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        flow-bin 0.215.1 1 🔗
    • 📦 cli-table@0.3.11 ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • This package version is 0.X.Y: the semver spec mandates those versions for initial development meaning that anything may change at any time and the public API of this package should not be considered stable. ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        cli-table 0.3.11 1 🔗
    • 📦 art@0.10.1 ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗
      • This package version is 0.X.Y: the semver spec mandates those versions for initial development meaning that anything may change at any time and the public API of this package should not be considered stable. ∙ 1 total occurrence
        Name Version Transitive Dependency Occurrences More
        art 0.10.1 1 🔗
  • 🔎 Static analysis ∙ 1 package
    • 📦 danger@11.2.8 ∙ 2 occurrences ∙ 1 kind of issue ∙ open 🔗
      • shady link detected in package ∙ 2 total occurrences
        Name Version Transitive Dependency Occurrences More
        danger 11.2.8 2 🔗
### 🚩 Some problems have been encountered
🔗 Package not analysed yet ∙ 12 occurrences ∙ Package not analysed yet

See docs 🔗

Powered by listen.dev

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@jadoonf
0