Dependencies upgrade and module template sync

[georgewrmarshall]

Description

This PR aims to update the design token package, which was originally generated from the metamask-module-template. Over time, the package has become outdated and incompatible with mobile and portfolio due to dependency issues, particularly with node versions. This PR addresses these issues by updating the dependencies and aligning the package with the most recent module template using the template sync package.

The upgrade to yarn version 3 also necessitated changes to the GitHub workflow files, which were updated to align with the module template. This alignment should enhance the automation of our releases. Due to the upgraded node and yarn versions, this PR includes numerous other dependency updates, file changes, lint fixes, and the inclusion of config files.

Fixes: #597

Manual Testing Steps

Because mobile and portfolio are using yarn v1 and the design tokens is using v3. It's quite hard to test using yarn link. But if you pull this branch and try to use yarn link on a project that use yarn 3 it will work like the module template.

1. Clone the https://github.com/MetaMask/metamask-module-template
2. Pull this branch
3. Run yarn && yarn build
4. Back in metamask-module-template
5. Run yarn link ../path/to/design-tokens
6. Make sure the design tokens package is in the node_modules folder
7. import brandColor in to the index.ts file

Other smoke tests

• Check GitHub workflows are working as expected: forked repo and tested workflows that required merging to main here https://github.com/georgewrmarshall/design-tokens/actions/runs/7748831295
• Check storybook works yarn storybook

Screencasts/Screenshots

Screencast below shows yarn link version of the design-tokens to the module-template as a test to ensure that the brandColor object in the v1.13 release is importing and working as intended

https://github.com/MetaMask/design-tokens/assets/8112138/5e5f52c4-3be1-462a-8c02-bbe5f4b5912d

[socket-security[bot]]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@aashutoshrathi/word-wrap@1.2.6	None	0	10.9 kB	aashutoshrathi
npm/@babel/core@7.23.9	environment, filesystem, unsafe Transitive: shell	+52	10.8 MB	nicolo-ribaudo
npm/@babel/generator@7.23.6	Transitive: environment	+10	3.38 MB	nicolo-ribaudo
npm/@babel/helper-compilation-targets@7.23.6	Transitive: environment, filesystem, shell	+12	2.6 MB	nicolo-ribaudo
npm/@babel/helper-create-class-features-plugin@7.23.10	Transitive: environment, filesystem, shell, unsafe	+58	11.2 MB	nicolo-ribaudo
npm/@babel/helper-define-polyfill-provider@0.5.0	unsafe Transitive: environment, filesystem, shell	+61	11.2 MB	nicolo-ribaudo
npm/@babel/helpers@7.23.9	Transitive: environment	+31	6.81 MB	nicolo-ribaudo
npm/@babel/parser@7.23.9	None	0	1.88 MB	nicolo-ribaudo
npm/@babel/plugin-bugfix-v8-static-class-fields-redefine-readonly@7.23.7	Transitive: environment, filesystem, shell, unsafe	+54	10.8 MB	nicolo-ribaudo
npm/@babel/plugin-transform-async-generator-functions@7.23.9	Transitive: environment, filesystem, shell, unsafe	+58	10.8 MB	nicolo-ribaudo
npm/@babel/plugin-transform-classes@7.23.8	Transitive: environment, filesystem, shell, unsafe	+58	11 MB	nicolo-ribaudo
npm/@babel/plugin-transform-for-of@7.23.6	Transitive: environment, filesystem, shell, unsafe	+55	10.8 MB	nicolo-ribaudo
npm/@babel/plugin-transform-modules-systemjs@7.23.9	Transitive: environment, filesystem, shell, unsafe	+54	10.8 MB	nicolo-ribaudo
npm/@babel/plugin-transform-typescript@7.23.6	Transitive: environment, filesystem, shell, unsafe	+61	11.4 MB	nicolo-ribaudo
npm/@babel/preset-env@7.23.9	environment Transitive: filesystem, shell, unsafe	+160	14.7 MB	nicolo-ribaudo
npm/@babel/register@7.23.7	environment, filesystem, unsafe Transitive: shell	+72	11.1 MB	nicolo-ribaudo
npm/@babel/runtime@7.23.9	None	+1	277 kB	nicolo-ribaudo
npm/@babel/template@7.23.9	Transitive: environment	+15	4.59 MB	nicolo-ribaudo
npm/@babel/traverse@7.23.9	Transitive: environment	+30	6.22 MB	nicolo-ribaudo
npm/@babel/types@7.23.9	environment	+3	2.49 MB	nicolo-ribaudo
npm/@cspotcode/source-map-support@0.8.1	filesystem	+3	295 kB	cspotcode
npm/@es-joy/jsdoccomment@0.36.1	None	+4	1.7 MB	brettz9
npm/@eslint-community/regexpp@4.10.0	None	0	431 kB	eslint-community-bot
npm/@eslint/eslintrc@2.1.4	filesystem, unsafe Transitive: environment, eval	+23	4.33 MB	eslintbot
npm/@eslint/js@8.56.0	None	0	13.9 kB	eslintbot
npm/@floating-ui/core@1.6.0	None	+1	280 kB	atomiks
npm/@floating-ui/dom@1.6.1	None	+2	429 kB	atomiks
npm/@floating-ui/react-dom@2.0.8	Transitive: environment	+9	3.9 MB	atomiks
npm/@floating-ui/utils@0.2.1	None	0	72.7 kB	atomiks
npm/@gar/promisify@1.1.3	None	0	4.2 kB	gar
npm/@humanwhocodes/config-array@0.11.14	Transitive: environment	+6	181 kB	nzakas
npm/@humanwhocodes/module-importer@1.0.1	unsafe	0	21.2 kB	nzakas
npm/@humanwhocodes/object-schema@2.0.2	None	0	53.3 kB	nzakas
npm/@inquirer/confirm@0.0.14-alpha.0	Transitive: environment	+12	292 kB	sboudrias
npm/@inquirer/core@0.0.15-alpha.0	Transitive: environment	+10	281 kB	sboudrias
npm/@inquirer/input@0.0.15-alpha.0	Transitive: environment	+11	289 kB	sboudrias
npm/@jest/console@28.1.3	Transitive: environment, filesystem, unsafe	+34	4.29 MB	simenb
npm/@jest/core@28.1.3	unsafe Transitive: environment, eval, filesystem, network, shell	+259	467 MB	simenb
npm/@jest/environment@28.1.3	Transitive: environment, eval, filesystem, unsafe	+39	4.52 MB	simenb
npm/@jest/expect-utils@28.1.3	None	+1	29.6 kB	simenb
npm/@jest/expect@28.1.3	Transitive: environment, eval, filesystem, network, shell, unsafe	+123	15.9 MB	simenb
npm/@jest/fake-timers@28.1.3	Transitive: environment, eval, filesystem, unsafe	+38	4.51 MB	simenb
npm/@jest/reporters@28.1.3	environment, unsafe Transitive: filesystem, network, shell	+128	16.6 MB	simenb
npm/@jest/source-map@28.1.2	Transitive: environment, filesystem	+5	308 kB	simenb
npm/@jest/test-result@28.1.3	Transitive: environment, filesystem, unsafe	+36	4.31 MB	simenb
npm/@jest/test-sequencer@28.1.3	Transitive: environment, filesystem, network, shell, unsafe	+51	4.67 MB	simenb
npm/@jridgewell/gen-mapping@0.3.3	None	+4	359 kB	jridgewell
npm/@jridgewell/trace-mapping@0.3.22	None	+2	265 kB	jridgewell
npm/@lavamoat/aa@3.1.5	filesystem Transitive: environment	+6	249 kB	boneskull
npm/@lavamoat/allow-scripts@2.5.1	environment, filesystem, shell Transitive: network	+112	5.58 MB	boneskull
npm/@lavamoat/preinstall-always-fail@1.0.3	None	0	2.87 kB	boneskull
npm/@metamask/eslint-config-jest@12.1.0	Transitive: environment, eval, filesystem, network, shell, unsafe	+433	503 MB	metamaskbot
npm/@metamask/eslint-config-nodejs@12.1.0	Transitive: environment, eval, filesystem, shell, unsafe	+175	32.2 MB	metamaskbot
npm/@metamask/eslint-config-typescript@12.1.0	Transitive: environment, eval, filesystem, shell, unsafe	+196	105 MB	metamaskbot
npm/@metamask/eslint-config@12.2.0	Transitive: environment, eval, filesystem, shell, unsafe	+166	30.6 MB	metamaskbot
npm/@npmcli/agent@2.2.0	environment, network	+9	478 kB	npm-cli-ops
npm/@npmcli/fs@2.1.2	filesystem	+2	57.8 kB	gar
npm/@npmcli/move-file@2.0.1	filesystem Transitive: environment	+11	99.8 kB	gar
npm/@npmcli/node-gyp@3.0.0	filesystem	0	1.87 kB	lukekarrys
npm/@npmcli/promise-spawn@6.0.2	environment, shell Transitive: filesystem	+2	30.2 kB	nlf
npm/@npmcli/run-script@6.0.2	environment, filesystem Transitive: network, shell	+89	4.62 MB	npm-cli-ops
npm/@pkgr/core@0.1.1	None	0	8.54 kB	jounqin
npm/@sinonjs/commons@1.8.6	None	+1	80.8 kB	mrgnrdrck
npm/@sinonjs/fake-timers@9.1.2	eval	+2	172 kB	fatso83
npm/@storybook/addon-a11y@7.6.12	None	+3	2.49 MB	hypnosphi, igor-dv, jreinhold, ...5 more
npm/@storybook/addon-actions@7.6.12	None	+9	3.67 MB	hypnosphi, igor-dv, jreinhold, ...5 more
npm/@storybook/addon-backgrounds@7.6.12	Transitive: environment	+4	110 kB	hypnosphi, igor-dv, jreinhold, ...5 more
npm/@storybook/addon-controls@7.6.12	Transitive: environment, eval, filesystem, network, shell, unsafe	+249	251 MB	hypnosphi, igor-dv, jreinhold, ...5 more
npm/@storybook/addon-docs@7.6.12	Transitive: environment, eval, filesystem, network, shell, unsafe	+354	268 MB	shilman
npm/@storybook/addon-essentials@7.6.12	Transitive: environment, eval, filesystem, network, shell, unsafe	+365	268 MB	hypnosphi, igor-dv, jreinhold, ...5 more
npm/@storybook/addon-highlight@7.6.12	None	+1	12.5 kB	alexandrebodin, amalik2, dandean, ...23 more
npm/@storybook/addon-links@7.6.12	Transitive: environment	+8	915 kB	hypnosphi, igor-dv, jreinhold, ...5 more
npm/@storybook/addon-mdx-gfm@7.6.12	Transitive: environment	+73	2.8 MB	alexandrebodin, amalik2, dandean, ...23 more
npm/@storybook/addon-measure@7.6.12	None	+2	34.8 kB	alexandrebodin, amalik2, dandean, ...23 more
npm/@storybook/addon-outline@7.6.12	None	+2	44.8 kB	alexandrebodin, amalik2, dandean, ...23 more
npm/@storybook/addon-toolbars@7.6.12	None	0	10.1 kB	hypnosphi, igor-dv, jreinhold, ...5 more
npm/@storybook/addon-viewport@7.6.12	Transitive: environment	+2	82.2 kB	hypnosphi, igor-dv, jreinhold, ...5 more
npm/@storybook/blocks@7.6.12	eval Transitive: environment, filesystem, network, shell, unsafe	+248	251 MB	shilman
npm/@storybook/builder-manager@7.6.12	Transitive: environment, eval, filesystem, network, shell, unsafe	+221	237 MB	alexandrebodin, amalik2, dandean, ...23 more
npm/@storybook/builder-webpack5@7.6.12	Transitive: environment, eval, filesystem, network, shell, unsafe	+417	703 MB	hypnosphi, igor-dv, jreinhold, ...5 more
npm/@storybook/channels@7.6.12	Transitive: environment, eval	+21	900 kB	shilman
npm/@storybook/cli@7.6.12	Transitive: environment, eval, filesystem, network, shell, unsafe	+605	290 MB	hypnosphi, igor-dv, jreinhold, ...5 more
npm/@storybook/client-logger@7.6.12	None	+1	11.8 kB	shilman
npm/@storybook/codemod@7.6.12	Transitive: environment, eval, filesystem, shell, unsafe	+304	37.5 MB	hypnosphi, igor-dv, jreinhold, ...5 more
npm/@storybook/components@7.6.12	environment, eval Transitive: filesystem	+112	23 MB	shilman
npm/@storybook/core-client@7.6.12	Transitive: environment, eval, filesystem, network	+55	11.6 MB	hypnosphi, igor-dv, jreinhold, ...5 more
npm/@storybook/core-common@7.6.12	environment, filesystem, network, unsafe Transitive: eval, shell	+152	232 MB	shilman
npm/@storybook/core-events@7.6.12	None	+1	99.8 kB	shilman
npm/@storybook/core-server@7.6.12	Transitive: environment, eval, filesystem, network, shell, unsafe	+348	261 MB	hypnosphi, igor-dv, jreinhold, ...5 more
npm/@storybook/core-webpack@7.6.12	Transitive: environment, eval, filesystem, network, shell, unsafe	+153	232 MB	alexandrebodin, amalik2, dandean, ...23 more
npm/@storybook/csf-plugin@7.6.12	filesystem Transitive: environment, eval	+102	14.8 MB	shilman
npm/@storybook/csf-tools@7.6.12	eval, filesystem Transitive: environment	+98	14.5 MB	shilman
npm/@storybook/docs-tools@7.6.12	Transitive: environment, eval, filesystem, network, shell, unsafe	+178	233 MB	shilman
npm/@storybook/manager-api@7.6.12	environment, network Transitive: eval, filesystem	+62	15.4 MB	shilman
npm/@storybook/manager@7.6.12	None	0	2.56 MB	alexandrebodin, amalik2, dandean, ...23 more
npm/@storybook/node-logger@7.6.12	environment	0	168 kB	shilman
npm/@storybook/postinstall@7.6.12	None	0	7.21 kB	shilman
npm/@storybook/preset-react-webpack@7.6.12	Transitive: environment, eval, filesystem, network, shell, unsafe	+363	329 MB	alexandrebodin, amalik2, dandean, ...23 more
npm/@storybook/preview-api@7.6.12	network Transitive: environment, eval, filesystem	+54	11.6 MB	shilman
npm/@storybook/preview@7.6.12	None	0	359 kB	alexandrebodin, amalik2, dandean, ...23 more
npm/@storybook/react-dom-shim@7.6.12	Transitive: environment	+6	3.52 MB	shilman
npm/@storybook/react-webpack5@7.6.12	Transitive: environment, eval, filesystem, network, shell, unsafe	+501	713 MB	alexandrebodin, amalik2, dandean, ...23 more
npm/@storybook/react@7.6.12	Transitive: environment, eval, filesystem, network, shell, unsafe	+204	309 MB	hypnosphi, igor-dv, jreinhold, ...5 more
npm/@storybook/router@7.6.12	environment, eval	+17	712 kB	shilman
npm/@storybook/telemetry@7.6.12	Transitive: environment, eval, filesystem, network, shell, unsafe	+233	236 MB	alexandrebodin, amalik2, dandean, ...23 more
npm/@storybook/theming@7.6.12	environment	+11	4.23 MB	shilman
npm/@storybook/types@7.6.12	Transitive: environment, eval, filesystem	+48	10.5 MB	shilman
npm/@swc/core-darwin-arm64@1.3.107	None	0	35.3 MB	kdy1
npm/@swc/core-darwin-x64@1.3.107	None	0	37.5 MB	kdy1
npm/@swc/core-linux-arm64-gnu@1.3.107	None	0	41.4 MB	kdy1
npm/@swc/core-linux-arm64-musl@1.3.107	None	0	50.5 MB	kdy1
npm/@swc/core-linux-x64-gnu@1.3.107	None	0	46.7 MB	kdy1
npm/@swc/core-linux-x64-musl@1.3.107	None	0	56.1 MB	kdy1
npm/@swc/core-win32-arm64-msvc@1.3.107	None	0	32.2 MB	kdy1
npm/@swc/core-win32-ia32-msvc@1.3.107	None	0	27.1 MB	kdy1
npm/@swc/core-win32-x64-msvc@1.3.107	None	0	50 MB	kdy1
npm/@swc/core@1.3.107	environment, filesystem, shell	+11	377 MB	kdy1
npm/@tootallnate/once@2.0.0	None	0	16.3 kB	tootallnate
npm/@tsconfig/node10@1.0.9	None	0	2.39 kB	typescript-deploys
npm/@tsconfig/node12@1.0.11	None	0	2.5 kB	typescript-deploys
npm/@tsconfig/node14@1.0.3	None	0	2.39 kB	typescript-deploys
npm/@tsconfig/node16@1.0.4	None	0	2.45 kB	typescript-deploys
npm/@types/babel__generator@7.6.8	Transitive: environment	+4	2.51 MB	types
npm/@types/babel__template@7.4.4	Transitive: environment	+5	4.38 MB	types
npm/@types/babel__traverse@7.20.5	Transitive: environment	+4	2.58 MB	types
npm/@types/eslint@8.56.2	None	+2	241 kB	types
npm/@types/express-serve-static-core@4.17.42	None	+5	3.61 MB	types
npm/@types/istanbul-lib-coverage@2.0.6	None	0	5.45 kB	types
npm/@types/istanbul-lib-report@3.0.3	None	+1	13.4 kB	types
npm/@types/istanbul-reports@3.0.4	None	+2	20 kB	types
npm/@types/jest@28.1.8	Transitive: environment, filesystem, unsafe	+43	4.74 MB	types
npm/@types/lodash@4.14.202	None	0	862 kB	types
npm/@types/mdx@2.0.11	None	0	9.71 kB	types
npm/@types/node-fetch@2.6.11	Transitive: filesystem, network	+7	3.86 MB	types
npm/@types/node@16.18.79	None	0	3.54 MB	types
npm/@types/normalize-package-data@2.4.4	None	0	5.81 kB	types
npm/@types/prettier@2.7.3	None	0	49.8 kB	types
npm/@types/pretty-hrtime@1.0.3	None	0	3.12 kB	types
npm/@types/qs@6.9.11	None	0	6.39 kB	types
npm/@types/stack-utils@2.0.3	None	0	6.43 kB	types
npm/@types/uuid@9.0.8	None	0	6.74 kB	types
npm/@types/yargs-parser@21.0.3	None	0	8.65 kB	types
npm/@typescript-eslint/eslint-plugin@5.62.0	Transitive: environment, eval, filesystem, shell, unsafe	+118	85.9 MB	jameshenry
npm/@typescript-eslint/parser@5.62.0	Transitive: environment, eval, filesystem, shell, unsafe	+110	82.7 MB	jameshenry
npm/@typescript-eslint/type-utils@5.62.0	Transitive: environment, eval, filesystem, shell, unsafe	+115	83.5 MB	jameshenry
npm/@ungap/structured-clone@1.2.0	None	0	26.2 kB	webreflection
npm/@vue/compiler-core@3.4.15	environment, eval	+4	3.03 MB	yyx990803
npm/@vue/compiler-dom@3.4.15	environment, eval	+5	3.64 MB	yyx990803
npm/@vue/compiler-sfc@3.4.15	environment, eval, filesystem, unsafe	+12	6.67 MB	yyx990803
npm/@vue/compiler-ssr@3.4.15	Transitive: environment, eval	+6	3.68 MB	yyx990803
npm/@vue/shared@3.4.15	environment	0	80 kB	yyx990803
npm/agentkeepalive@4.5.0	network	+2	54.2 kB	fengmk2
npm/any-promise@1.3.0	None	0	22.2 kB	kevinbeaty
npm/anymatch@3.1.3	None	+2	109 kB	phated
npm/aproba@2.0.0	None	0	8.05 kB	iarna
npm/are-we-there-yet@3.0.1	Transitive: environment	+6	202 kB	lukekarrys
npm/arg@4.1.3	None	0	12.9 kB	qix
npm/argparse@2.0.1	environment, filesystem	0	172 kB	vitaly
npm/array-differ@3.0.0	None	0	3.06 kB	sindresorhus
npm/array-includes@3.1.7	Transitive: eval	+43	3.04 MB	ljharb
npm/array.prototype.flat@1.3.2	Transitive: eval	+44	3.05 MB	ljharb
npm/arrify@2.0.1	None	0	3.19 kB	sindresorhus
npm/available-typed-arrays@1.0.6	None	0	20.4 kB	ljharb
npm/axe-core@4.8.3	None	0	2.44 MB	npmdeque
npm/babel-jest@28.1.3	environment Transitive: eval, filesystem, network, shell, unsafe	+106	15.3 MB	simenb
npm/babel-loader@8.3.0	filesystem Transitive: environment, eval, shell, unsafe	+124	25.8 MB	nicolo-ribaudo
npm/babel-plugin-jest-hoist@28.1.3	Transitive: environment	+20	4.74 MB	simenb
npm/babel-plugin-polyfill-corejs2@0.4.8	Transitive: environment, filesystem, shell, unsafe	+62	11.3 MB	nicolo-ribaudo
npm/babel-plugin-polyfill-corejs3@0.9.0	Transitive: environment, filesystem, shell, unsafe	+63	12.1 MB	nicolo-ribaudo
npm/babel-plugin-polyfill-regenerator@0.5.5	Transitive: environment, filesystem, shell, unsafe	+62	11.2 MB	nicolo-ribaudo
npm/babel-preset-jest@28.1.3	Transitive: environment, eval, filesystem, shell, unsafe	+72	11 MB	simenb
npm/bin-links@4.0.1	filesystem	+6	143 kB	lukekarrys
npm/browserslist@4.22.3	environment, filesystem Transitive: shell	+6	2.37 MB	ai
npm/builtins@5.0.1	None	+1	18.5 kB	juliangruber
npm/bundle-require@4.0.2	environment, filesystem, unsafe Transitive: network, shell	+24	208 MB	egoist
npm/cac@6.7.14	None	0	81.8 kB	egoist
npm/cacache@16.1.3	filesystem Transitive: environment	+33	607 kB	lukekarrys
npm/callsite@1.0.0	None	0	1.47 kB	tjholowaychuk
npm/caniuse-lite@1.0.30001582	None	0	1.97 MB	caniuse-lite
npm/cli-width@3.0.0	environment	0	11.5 kB	knownasilya
npm/cmd-shim@6.0.2	filesystem	0	12.1 kB	npm-cli-ops
npm/collect-v8-coverage@1.0.2	unsafe	0	5.14 kB	simenb
npm/color-support@1.1.3	None	0	9.23 kB	isaacs
npm/comment-parser@1.3.1	None	0	363 kB	yavorskiys
npm/core-js-compat@3.35.1	Transitive: environment, filesystem, shell	+7	3.07 MB	zloirock
npm/core-js-pure@3.35.1	environment, eval, filesystem	0	1.07 MB	zloirock
npm/create-require@1.1.1	filesystem, unsafe	0	6.25 kB	pi0
npm/deepmerge@4.3.1	None	0	31.2 kB	tehshrike
npm/defu@6.1.4	None	0	19.6 kB	pi0
npm/depcheck@1.4.7	filesystem, unsafe Transitive: environment, eval	+118	14.5 MB	rumpl
npm/deps-regex@0.2.0	None	0	6.82 kB	mathieudutour
npm/detect-file@1.0.0	filesystem	0	8.63 kB	doowb
npm/detect-indent@7.0.1	None	0	9.75 kB	sindresorhus
npm/diff-sequences@28.1.1	None	0	46 kB	simenb
npm/dotenv@16.4.1	environment, filesystem	0	76 kB	motdotla
npm/electron-to-chromium@1.4.653	None	0	272 kB	kilianvalkhof
npm/emittery@0.10.2	None	0	44.4 kB	sindresorhus
npm/encoding@0.1.13	None	+2	398 kB	andris
npm/entities@4.5.0	None	0	413 kB	feedic
npm/err-code@2.0.3	None	0	12.3 kB	achingbrain
npm/es-abstract@1.22.3	Transitive: eval	+42	3.02 MB	ljharb
npm/es-shim-unscopables@1.0.2	None	+2	53.3 kB	ljharb
npm/eslint-config-prettier@8.10.0	Transitive: environment, eval, filesystem, shell, unsafe	+89	11.8 MB	lydell
npm/eslint-import-resolver-node@0.3.9	Transitive: environment, filesystem	+8	297 kB	ljharb
npm/eslint-module-utils@2.8.0	None	+1	43.2 kB	ljharb
npm/eslint-plugin-es@4.1.0	Transitive: environment, eval, filesystem, shell, unsafe	+92	12.6 MB	mysticatea
npm/eslint-plugin-jest@27.6.3	filesystem Transitive: environment, eval, network, shell, unsafe	+361	484 MB	simenb
npm/eslint-plugin-jsdoc@39.9.1	Transitive: environment, eval, filesystem, shell, unsafe	+96	14.1 MB	gajus
npm/eslint-plugin-n@15.7.0	filesystem Transitive: environment, eval, shell, unsafe	+103	13.6 MB	weiran.zsd
npm/eslint-plugin-prettier@4.2.1	Transitive: environment, eval, filesystem, shell, unsafe	+92	23.1 MB	jounqin
npm/eslint-plugin-promise@6.1.1	Transitive: environment, eval, filesystem, shell, unsafe	+89	11.8 MB	eslint-community-bot
npm/eslint-visitor-keys@3.4.3	None	0	32.3 kB	eslintbot
npm/eslint@8.56.0	environment, filesystem Transitive: eval, shell, unsafe	+88	11.8 MB	eslintbot
npm/espree@9.6.1	None	+4	1.87 MB	eslintbot
npm/esquery@1.5.0	None	+1	1.04 MB	michaelficarra
npm/estree-walker@2.0.2	None	0	50.2 kB	rich_harris
npm/expand-tilde@2.0.2	Transitive: environment, filesystem	+2	20.6 kB	doowb
npm/expect@28.1.3	Transitive: environment, filesystem, unsafe	+42	4.67 MB	simenb
npm/exponential-backoff@3.1.1	None	0	37.3 kB	sssayegh
npm/fast-diff@1.3.0	None	0	52.3 kB	luin
npm/fast-glob@3.3.2	filesystem	+17	508 kB	mrmlnc
npm/fastq@1.17.0	None	+1	51.2 kB	matteo.collina
npm/fb-watchman@2.0.2	environment, network, shell	+2	45.3 kB	bolinfest
npm/filing-cabinet@3.3.1	filesystem, unsafe Transitive: environment, eval, shell	+43	4.65 MB	mrjoelkemp
npm/findup-sync@5.0.0	filesystem Transitive: environment	+19	359 kB	phated
npm/flat-cache@3.2.0	filesystem Transitive: environment	+11	141 kB	jaredwray
npm/flatted@3.2.9	None	0	40.1 kB	webreflection
npm/flow-parser@0.227.0	None	0	746 kB	flowtype
npm/function.prototype.name@1.1.6	Transitive: eval	+42	3.02 MB	ljharb
npm/gauge@4.0.4	Transitive: environment	+8	138 kB	gar
npm/get-stdin@9.0.0	None	0	4.54 kB	sindresorhus
npm/giget@1.2.1	environment, network Transitive: filesystem	+10	1.12 MB	pi0
npm/git-hooks-list@3.1.0	None	0	5.57 kB	fisker
npm/github-slugger@1.5.0	None	0	13.5 kB	wooorm
npm/glob-parent@6.0.2	None	+2	27.5 kB	phated
npm/global-modules@1.0.0	Transitive: environment, filesystem	+9	79.7 kB	jonschlinkert
npm/global-prefix@1.0.2	environment, filesystem	+7	66.8 kB	phated
npm/graphemer@1.4.0	None	0	812 kB	mattpauldavies
npm/handlebars@4.7.8	filesystem Transitive: environment, eval	+4	4.45 MB	jaylinski
npm/has-property-descriptors@1.0.1	Transitive: eval	+5	121 kB	ljharb
npm/has-tostringtag@1.0.2	None	+1	38.2 kB	ljharb
npm/has@1.0.4	None	0	3.02 kB	tarruda
npm/homedir-polyfill@1.0.3	environment, filesystem	+1	14 kB	doowb
npm/html-tags@3.3.1	None	0	5.94 kB	sindresorhus
npm/html-webpack-plugin@5.6.0	filesystem, unsafe Transitive: environment, eval, network, shell	+100	19.4 MB	evilebottnawi
npm/http-cache-semantics@4.1.1	None	0	35.9 kB	kornel
npm/http-proxy-agent@5.0.0	network Transitive: environment	+4	106 kB	tootallnate
npm/humanize-ms@1.2.1	None	+1	10.5 kB	dead_horse
npm/ignore@5.3.1	None	0	51.5 kB	kael
npm/immutable@4.3.5	None	0	679 kB	leebyron
npm/ini@1.3.8	None	0	9.3 kB	isaacs
npm/internal-slot@1.0.6	Transitive: eval	+12	329 kB	ljharb
npm/is-lambda@1.0.1	None	0	2.94 kB	watson
npm/istanbul-lib-coverage@3.2.2	None	0	34.4 kB	oss-bot
npm/istanbul-lib-instrument@5.2.1	Transitive: environment, filesystem, shell, unsafe	+55	10.9 MB	oss-bot
npm/istanbul-lib-report@3.0.1	filesystem	+4	101 kB	oss-bot
npm/istanbul-reports@3.1.6	Transitive: filesystem	+6	408 kB	oss-bot
npm/jest-changed-files@28.1.3	environment Transitive: filesystem, shell	+18	236 kB	simenb
npm/jest-circus@28.1.3	Transitive: environment, eval, filesystem, network, shell, unsafe	+180	17.2 MB	simenb
npm/jest-cli@28.1.3	Transitive: environment, eval, filesystem, network, shell, unsafe	+272	467 MB	simenb
npm/jest-config@28.1.3	Transitive: environment, eval, filesystem, network, shell, unsafe	+230	465 MB	simenb
npm/jest-diff@28.1.3	Transitive: environment	+6	236 kB	simenb
npm/jest-docblock@28.1.1	None	+1	12.9 kB	simenb
npm/jest-each@28.1.3	Transitive: environment, filesystem	+14	3.92 MB	simenb
npm/jest-environment-node@28.1.3	unsafe Transitive: environment, eval, filesystem	+40	4.53 MB	simenb
npm/jest-get-type@28.0.2	None	0	3.85 kB	simenb
npm/jest-it-up@2.2.0	filesystem Transitive: environment, shell	+15	501 kB	rbardini
npm/jest-leak-detector@28.1.3	unsafe Transitive: environment	+5	118 kB	simenb
npm/jest-matcher-utils@28.1.3	Transitive: environment	+7	263 kB	simenb
npm/jest-message-util@28.1.3	Transitive: environment, filesystem, unsafe	+32	4.25 MB	simenb
npm/jest-mock@28.1.3	None	+6	3.67 MB	simenb
npm/jest-pnp-resolver@1.2.3	Transitive: environment, filesystem, network, shell, unsafe	+45	4.75 MB	arcanis
npm/jest-resolve-dependencies@28.1.3	Transitive: environment, eval, filesystem, network, shell, unsafe	+123	15.9 MB	simenb
npm/jest-resolve@28.1.3	environment, unsafe Transitive: filesystem, network, shell	+45	4.75 MB	simenb
npm/jest-runner@28.1.3	environment Transitive: eval, filesystem, network, shell, unsafe	+182	17.3 MB	simenb
npm/jest-runtime@28.1.3	unsafe Transitive: environment, eval, filesystem, network, shell	+172	17.1 MB	simenb
npm/jest-snapshot@28.1.3	eval Transitive: environment, filesystem, network, shell, unsafe	+122	15.9 MB	simenb
npm/jest-validate@28.1.3	Transitive: environment	+13	3.78 MB	simenb
npm/jest-worker@28.1.3	environment, shell	+4	3.62 MB	simenb
npm/jest@28.1.3	Transitive: environment, eval, filesystem, network, shell, unsafe	+274	467 MB	simenb
npm/joycon@3.1.1	environment, filesystem	0	14 kB	egoist
npm/jsdoc-type-pratt-parser@3.1.0	None	0	229 kB	jsdoc-type-pratt-parser
npm/klona@2.0.6	None	0	23.2 kB	lukeed
npm/lilconfig@3.0.0	filesystem	0	19.3 kB	antonk52
npm/load-tsconfig@0.2.5	None	0	17.1 kB	egoist
npm/lodash.memoize@4.1.2	None	0	20.1 kB	jdalton
npm/lodash.sortby@4.7.0	None	0	75.8 kB	jdalton
npm/magic-string@0.30.6	None	+1	485 kB	antfu
npm/make-fetch-happen@10.2.1	environment, network Transitive: filesystem	+58	2.02 MB	gar
npm/markdown-to-jsx@7.4.1	Transitive: environment	+4	755 kB	probablyup
npm/minimatch@7.4.6	environment	+1	375 kB	isaacs
npm/minimist@1.2.8	None	0	54.5 kB	ljharb
npm/minipass-collect@1.0.2	None	+1	19.6 kB	isaacs
npm/minipass-fetch@2.1.2	environment, network	+6	600 kB	gar
npm/minipass-flush@1.0.5	None	+1	18.5 kB	isaacs
npm/minipass-pipeline@1.2.4	None	+1	21.8 kB	isaacs
npm/minipass-sized@1.0.3	None	+1	139 kB	isaacs
npm/multimatch@5.0.0	None	+7	46.5 kB	sindresorhus
npm/mute-stream@0.0.8	None	0	6.51 kB	isaacs
npm/natural-compare-lite@1.4.0	None	0	5.63 kB	lauriro
npm/node-fetch-native@1.6.1	network	0	718 kB	pi0
npm/node-gyp@9.4.1	environment, shell Transitive: filesystem, network	+82	4.56 MB	lukekarrys
npm/nopt@6.0.0	environment	+1	28.7 kB	gar
npm/npm-normalize-package-bin@3.0.1	None	0	3.58 kB	npm-cli-ops
npm/npmlog@6.0.2	Transitive: environment	+17	361 kB	lukekarrys
npm/object-inspect@1.13.1	None	0	97.2 kB	ljharb
npm/object.values@1.1.7	Transitive: eval	+43	3.05 MB	ljharb
npm/optionator@0.9.3	None	+6	161 kB	gkz
npm/parse-passwd@1.0.0	None	0	5.96 kB	doowb
npm/pathe@1.1.2	None	0	30.8 kB	pi0
npm/please-upgrade-node@3.2.0	None	+1	9.59 kB	typicode
npm/polished@4.3.0	None	+2	3.07 MB	bhough, mxstbr, nikgraf
npm/postcss-load-config@4.0.2	environment, unsafe Transitive: filesystem, shell	+35	452 MB	ai
npm/postcss-modules-local-by-default@4.0.4	Transitive: environment, filesystem	+8	495 kB	evilebottnawi
npm/postcss-modules-scope@3.1.1	Transitive: environment, filesystem	+6	450 kB	evilebottnawi
npm/postcss-selector-parser@6.0.15	None	+2	209 kB	evilebottnawi
npm/postcss@8.4.33	environment, filesystem	+2	227 kB	ai
npm/prettier-plugin-packagejson@2.4.10	Transitive: environment, filesystem, unsafe	+34	12 MB	matzkoh
npm/pretty-format@28.1.3	Transitive: environment	+3	107 kB	simenb
npm/proc-log@3.0.0	None	0	5.21 kB	lukekarrys
npm/promise-inflight@1.0.1	None	0	3.04 kB	iarna
npm/promise-retry@2.0.1	None	+2	60 kB	achingbrain
npm/punycode@2.3.1	None	0	33.5 kB	google-wombot
npm/react-docgen@7.0.3	filesystem Transitive: environment, shell, unsafe	+69	11.5 MB	danez
npm/react-is@18.2.0	environment	0	24 kB	gnoff
npm/read-cmd-shim@4.0.0	filesystem	0	5.16 kB	lukekarrys
npm/read-package-json-fast@3.0.2	filesystem	+2	22.1 kB	lukekarrys
npm/regenerator-runtime@0.14.1	None	0	27.9 kB	benjamn
npm/regexp.prototype.flags@1.5.1	Transitive: eval	+12	275 kB	ljharb
npm/require-package-name@2.0.1	None	0	3.74 kB	mattdesl
npm/resolve-dir@1.0.1	Transitive: environment, filesystem	+9	79.7 kB	phated
npm/resolve.exports@1.1.1	None	0	20.9 kB	lukeed
npm/retry@0.12.0	None	0	32.2 kB	tim-kos
npm/rollup@4.9.6	environment, filesystem	+2	2.37 MB	lukastaegert
npm/run-async@2.4.1	None	0	6.6 kB	sboudrias
npm/sass@1.70.0	filesystem	+1	5.88 MB	sassbot
npm/semver-compare@1.0.0	None	0	4.05 kB	substack
npm/serialize-javascript@6.0.2	None	+2	55.4 kB	redonkulus
npm/set-function-length@1.2.0	Transitive: eval	+8	176 kB	ljharb
npm/smart-buffer@4.2.0	None	0	138 kB	joshglazebrook
npm/socks-proxy-agent@7.0.0	network Transitive: environment	+6	399 kB	kikobeats
npm/socks@2.7.1	network	+2	304 kB	joshglazebrook
npm/sort-package-json@2.7.0	Transitive: filesystem	+29	658 kB	keithamus
npm/source-map-support@0.5.13	filesystem, unsafe	+1	87.5 kB	linusu
npm/spdx-correct@3.2.0	None	+3	50.5 kB	kemitchell
npm/spdx-exceptions@2.4.0	None	0	3.37 kB	kemitchell
npm/spdx-license-ids@3.0.16	None	0	11.8 kB	kemitchell
npm/ssri@9.0.1	None	+1	52.3 kB	nlf
npm/stack-utils@2.0.6	unsafe	+1	17.9 kB	isaacs
npm/storybook@7.6.12	Transitive: environment, eval, filesystem, network, shell, unsafe	+606	290 MB	ndelangen, shilman, usulpro
npm/stream-shift@1.0.3	None	0	4.46 kB	mafintosh
npm/string_decoder@1.3.0	None	+1	46.5 kB	matteo.collina
npm/string.prototype.trimend@1.0.7	Transitive: eval	+42	3.02 MB	ljharb
npm/string.prototype.trimstart@1.0.7	Transitive: eval	+42	3.02 MB	ljharb
npm/sucrase@3.35.0	Transitive: environment, filesystem, shell, unsafe	+40	4.66 MB	alangpierce
npm/supports-hyperlinks@2.3.0	None	+2	18.4 kB	sindresorhus
npm/swc-loader@0.2.4	Transitive: environment, eval, filesystem, shell	+84	395 MB	kdy1
npm/synchronous-promise@2.0.17	None	0	32.1 kB	fluffynuts
npm/synckit@0.9.0	environment	+2	147 kB	jounqin
npm/terser-webpack-plugin@5.3.10	Transitive: environment, eval, filesystem, shell	+71	17.4 MB	evilebottnawi
npm/terser@5.27.0	environment, eval Transitive: filesystem, shell	+8	2.78 MB	fabiosantoscode
npm/thenify-all@1.6.0	None	+2	36.7 kB	dead_horse
npm/thenify@3.3.1	None	+1	30.1 kB	dead_horse
npm/tocbot@4.25.0	None	0	125 kB	tscanlin
npm/tr46@1.0.1	None	+1	356 kB	sebmaster
npm/tree-kill@1.2.2	shell	0	7.82 kB	wmhilton
npm/ts-interface-checker@0.1.13	None	0	68 kB	dsagal2
npm/ts-jest@28.0.8	environment, filesystem, unsafe Transitive: eval, network, shell	+278	468 MB	kul
npm/ts-node@10.9.2	environment, filesystem, unsafe Transitive: shell	+29	451 MB	blakeembrey
npm/tsconfig-paths@3.15.0	environment, filesystem, unsafe	+4	355 kB	jonaskello
npm/tsup@7.3.0	environment, eval, filesystem Transitive: network, shell, unsafe	+172	882 MB	egoist
npm/typescript@4.8.4	None	0	68.8 MB	typescript-bot
npm/uglify-js@3.17.4	environment, eval, filesystem	0	1.28 MB	alexlamsl
npm/unique-filename@2.0.1	None	+2	18 kB	lukekarrys
npm/unique-slug@3.0.0	None	+1	14.5 kB	lukekarrys
npm/universalify@2.0.1	None	0	4.67 kB	ryanzim
npm/unplugin@1.6.0	filesystem Transitive: environment	+2	315 kB	antfu
npm/use-callback-ref@1.3.1	Transitive: environment	+9	2.08 MB	kashey
npm/v8-compile-cache-lib@3.0.1	environment, filesystem, unsafe	0	18.2 kB	cspotcode
npm/v8-to-istanbul@9.2.0	filesystem, unsafe	+5	333 kB	oss-bot
npm/webidl-conversions@4.0.2	None	0	19.3 kB	domenic
npm/webpack-hot-middleware@2.26.1	None	+3	154 kB	d3viant0ne, evilebottnawi, glenjamin
npm/webpack@5.90.1	Transitive: environment, eval, filesystem, shell	+71	17.4 MB	evilebottnawi, jhnns, sokra, ...1 more
npm/which-typed-array@1.1.14	Transitive: eval	+14	319 kB	ljharb
npm/which@3.0.1	environment Transitive: filesystem	+1	18.4 kB	npm-cli-ops
npm/ws@8.16.0	environment, network	0	141 kB	lpinca
npm/yn@3.1.1	None	0	6.31 kB	sindresorhus

🚮 Removed packages: npm/@babel/core@7.23.5, npm/@babel/generator@7.23.5, npm/@babel/helper-compilation-targets@7.22.15, npm/@babel/helper-create-class-features-plugin@7.23.5, npm/@babel/parser@7.23.5, npm/@babel/preset-env@7.23.5, npm/@babel/runtime@7.23.5, npm/@babel/template@7.22.15, npm/@babel/traverse@7.23.5, npm/@babel/types@7.23.5, npm/@jridgewell/gen-mapping@0.3.2, npm/@jridgewell/trace-mapping@0.3.20, npm/@lavamoat/allow-scripts@1.0.6, npm/@metamask/eslint-config-jest@9.0.0, npm/@metamask/eslint-config-nodejs@9.0.0, npm/@metamask/eslint-config-typescript@9.0.1, npm/@metamask/eslint-config@9.0.0, npm/@storybook/addon-a11y@7.6.10, npm/@storybook/addon-actions@7.6.10, npm/@storybook/addon-essentials@7.6.10, npm/@storybook/addon-links@7.6.10, npm/@storybook/addon-mdx-gfm@7.6.10, npm/@storybook/react-webpack5@7.6.10, npm/@storybook/react@7.6.10, npm/@types/babel__traverse@7.20.4, npm/@types/istanbul-lib-coverage@2.0.4, npm/@types/jest@26.0.24, npm/@types/node@18.19.3, npm/@types/qs@6.9.10, npm/@typescript-eslint/eslint-plugin@4.33.0, npm/@typescript-eslint/experimental-utils@4.33.0, npm/@typescript-eslint/parser@4.33.0, npm/abab@2.0.6, npm/anymatch@3.1.2, npm/assert-plus@1.0.0, npm/babel-loader@8.2.5, npm/browserslist@4.22.2, npm/core-js-compat@3.34.0, npm/es-abstract@1.20.1, npm/eslint-config-prettier@8.5.0, npm/eslint-plugin-jest@24.7.0, npm/eslint-plugin-jsdoc@36.1.1, npm/eslint-plugin-prettier@3.4.1, npm/eslint@7.32.0, npm/espree@7.3.1, npm/extend-shallow@3.0.2, npm/extsprintf@1.3.0, npm/fast-glob@3.2.11, npm/get-value@2.0.6, npm/ignore@5.2.0, npm/is-descriptor@1.0.2, npm/is-extendable@0.1.1, npm/is-typedarray@1.0.0, npm/istanbul-lib-coverage@3.2.0, npm/jest-diff@26.6.2, npm/jest@26.6.3, npm/minimist@1.2.6, npm/object-inspect@1.12.2, npm/postcss-modules-local-by-default@4.0.3, npm/postcss-selector-parser@6.0.10, npm/postcss@8.4.32, npm/prettier-plugin-packagejson@2.2.18, npm/pretty-format@26.6.2, npm/psl@1.9.0, npm/punycode@2.1.1, npm/regex-not@1.0.2, npm/sass@1.54.3, npm/set-value@2.0.1, npm/split-string@3.1.0, npm/storybook@7.6.10, npm/terser-webpack-plugin@5.3.9, npm/terser@5.26.0, npm/to-regex@3.0.2, npm/ts-jest@26.5.6, npm/tsconfig-paths@3.14.1, npm/tweetnacl@0.14.5, npm/typescript@4.7.4, npm/whatwg-url@8.7.0, npm/which-typed-array@1.1.13

View full report↗︎

[socket-security[bot]]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source
New author	npm/istanbul-lib-report@3.0.1	New Author: oss-bot Previous Author: coreyfarrell	Source
New author	npm/anymatch@3.1.3	New Author: phated Previous Author: paulmillr	Source
New author	npm/fb-watchman@2.0.2	New Author: bolinfest Previous Author: wez	Source
New author	npm/supports-hyperlinks@2.3.0	New Author: sindresorhus Previous Author: jamestalmage	Source
New author	npm/react-is@18.2.0	New Author: gnoff Previous Author: acdlite	Source
New author	npm/fast-diff@1.3.0	New Author: luin Previous Author: dgreensp	Source
Shell access	npm/tree-kill@1.2.2	Module: child_process Location: Package overview	Source
New author	npm/resolve-dir@1.0.1	New Author: phated Previous Author: jonschlinkert	Source
New author	npm/expand-tilde@2.0.2	New Author: doowb Previous Author: jonschlinkert	Source
New author	npm/global-prefix@1.0.2	New Author: phated Previous Author: jonschlinkert	Source
New author	npm/npm-normalize-package-bin@3.0.1	New Author: npm-cli-ops Previous Author: lukekarrys	Source
New author	npm/write-file-atomic@5.0.1	New Author: npm-cli-ops Previous Author: lukekarrys	package.json
New author	npm/which@3.0.1	New Author: npm-cli-ops Previous Author: lukekarrys	Source
New author	npm/exponential-backoff@3.1.1	New Author: sssayegh Previous Author: coveo-organization	Source
Network access	npm/socks@2.7.1	Module: net Location: Package overview	Source
Network access	npm/agentkeepalive@4.5.0	Module: https Location: Package overview	Source
Network access	npm/agentkeepalive@4.5.0	Module: http Location: Package overview	Source
New author	npm/@npmcli/fs@2.1.2	New Author: gar Previous Author: lukekarrys	Source
Deprecated	npm/@npmcli/move-file@2.0.1	Reason: This functionality has been moved to @npmcli/fs	Source
New author	npm/are-we-there-yet@3.0.1	New Author: lukekarrys Previous Author: gar	Source
Network access	npm/make-fetch-happen@10.2.1	Module: https Location: Package overview	Source
Network access	npm/make-fetch-happen@10.2.1	Module: http Location: Package overview	Source
Network access	npm/make-fetch-happen@10.2.1	Module: http-proxy-agent Location: Package overview	Source
Network access	npm/make-fetch-happen@10.2.1	Module: https-proxy-agent Location: Package overview	Source
Network access	npm/make-fetch-happen@10.2.1	Module: http-cache-semantics Location: Package overview	Source
Network access	npm/make-fetch-happen@10.2.1	Module: dns Location: Package overview	Source
Network access	npm/make-fetch-happen@10.2.1	Module: globalThis["fetch"] Location: Package overview	Source
Network access	npm/minipass-fetch@2.1.2	Module: globalThis["fetch"] Location: Package overview	Source
Network access	npm/minipass-fetch@2.1.2	Module: http Location: Package overview	Source
Network access	npm/minipass-fetch@2.1.2	Module: https Location: Package overview	Source
New author	npm/nopt@6.0.0	New Author: gar Previous Author: isaacs	Source
New author	npm/npmlog@6.0.2	New Author: lukekarrys Previous Author: gar	Source
Network access	npm/socks-proxy-agent@7.0.0	Module: dns Location: Package overview	Source
Network access	npm/socks-proxy-agent@7.0.0	Module: tls Location: Package overview	Source
New author	npm/source-map@0.8.0-beta.0	New Author: loganfsmyth Previous Author: nickfitzgerald	package.json
Network access	npm/@npmcli/agent@2.2.0	Module: dns Location: Package overview	Source
Network access	npm/@npmcli/agent@2.2.0	Module: net Location: Package overview	Source
Network access	npm/@npmcli/agent@2.2.0	Module: https-proxy-agent Location: Package overview	Source
Network access	npm/@npmcli/agent@2.2.0	Module: http-proxy-agent Location: Package overview	Source
Network access	npm/@npmcli/agent@2.2.0	Module: tls Location: Package overview	Source
New author	npm/handlebars@4.7.8	New Author: jaylinski Previous Author: knappi	Source
New author	npm/@npmcli/node-gyp@3.0.0	New Author: lukekarrys Previous Author: gar	Source
New author	npm/read-cmd-shim@4.0.0	New Author: lukekarrys Previous Author: gar	Source
Install scripts	npm/@lavamoat/preinstall-always-fail@1.0.3	Install script: preinstall Source: echo "Don't run npm lifecycle scripts by default! Create a .yarnrc or .npmrc and set enableScripts: false. Then, whitelist them with @lavamoat/allow-scripts" && exit 1	package.json
New author	npm/@lavamoat/preinstall-always-fail@1.0.3	New Author: boneskull Previous Author: naugtur	package.json
New author	npm/unique-slug@3.0.0	New Author: lukekarrys Previous Author: zkat	Source
Network access	npm/socks-proxy-agent@8.0.2	Module: net Location: Package overview	Source
Network access	npm/socks-proxy-agent@8.0.2	Module: tls Location: Package overview	Source
Network access	npm/socks-proxy-agent@8.0.2	Module: dns Location: Package overview	Source
New author	npm/@lavamoat/aa@3.1.5	New Author: boneskull Previous Author: naugtur	Source
New author	npm/cmd-shim@6.0.2	New Author: npm-cli-ops Previous Author: nlf	Source
New author	npm/node-gyp@9.4.1	New Author: lukekarrys Previous Author: rvagg	Source
Deprecated	npm/tsup@7.3.0	Reason: Breaking node 16	package.json
New author	npm/json-parse-even-better-errors@3.0.1	New Author: npm-cli-ops Previous Author: lukekarrys	package.json
Shell access	npm/@lavamoat/allow-scripts@2.5.1	Module: child_process Location: Package overview	package.json
New author	npm/@lavamoat/allow-scripts@2.5.1	New Author: boneskull Previous Author: naugtur	package.json

View full report↗︎

Next steps

What is new author?

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Scrutinize new collaborator additions to packages because they now have the ability to publish code into your dependency tree. Packages should avoid frequent or unnecessary additions or changes to publishing rights.

What is shell access?

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Packages should avoid accessing the shell which can reduce portability, and make it easier for malicious shell access to be introduced.

What is network access?

This module accesses the network.

Packages should remove all network access that is functionally unnecessary. Consumers should audit network access to ensure legitimate use.

What is a deprecated package?

The maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed.

Research the state of the package and determine if there are non-deprecated versions that can be used, or if it should be replaced with a new, supported solution.

What is an install script?

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore npm/istanbul-lib-report@3.0.1
• @SocketSecurity ignore npm/anymatch@3.1.3
• @SocketSecurity ignore npm/fb-watchman@2.0.2
• @SocketSecurity ignore npm/supports-hyperlinks@2.3.0
• @SocketSecurity ignore npm/react-is@18.2.0
• @SocketSecurity ignore npm/fast-diff@1.3.0
• @SocketSecurity ignore npm/tree-kill@1.2.2
• @SocketSecurity ignore npm/resolve-dir@1.0.1
• @SocketSecurity ignore npm/expand-tilde@2.0.2
• @SocketSecurity ignore npm/global-prefix@1.0.2
• @SocketSecurity ignore npm/npm-normalize-package-bin@3.0.1
• @SocketSecurity ignore npm/write-file-atomic@5.0.1
• @SocketSecurity ignore npm/which@3.0.1
• @SocketSecurity ignore npm/exponential-backoff@3.1.1
• @SocketSecurity ignore npm/socks@2.7.1
• @SocketSecurity ignore npm/agentkeepalive@4.5.0
• @SocketSecurity ignore npm/@npmcli/fs@2.1.2
• @SocketSecurity ignore npm/@npmcli/move-file@2.0.1
• @SocketSecurity ignore npm/are-we-there-yet@3.0.1
• @SocketSecurity ignore npm/make-fetch-happen@10.2.1
• @SocketSecurity ignore npm/minipass-fetch@2.1.2
• @SocketSecurity ignore npm/nopt@6.0.0
• @SocketSecurity ignore npm/npmlog@6.0.2
• @SocketSecurity ignore npm/socks-proxy-agent@7.0.0
• @SocketSecurity ignore npm/source-map@0.8.0-beta.0
• @SocketSecurity ignore npm/@npmcli/agent@2.2.0
• @SocketSecurity ignore npm/handlebars@4.7.8
• @SocketSecurity ignore npm/@npmcli/node-gyp@3.0.0
• @SocketSecurity ignore npm/read-cmd-shim@4.0.0
• @SocketSecurity ignore npm/@lavamoat/preinstall-always-fail@1.0.3
• @SocketSecurity ignore npm/unique-slug@3.0.0
• @SocketSecurity ignore npm/socks-proxy-agent@8.0.2
• @SocketSecurity

[metamaskbot]

Builds ready [42e9e0c]

Storybook: Storybook

[metamaskbot]

Builds ready [899f18a]

Storybook: Storybook

[metamaskbot]

Builds ready [7cca0b9]

Storybook: Storybook

[metamaskbot]

Builds ready [55c3be3]

Storybook: Storybook

[georgewrmarshall]

Socket dev security issues should be mitigated by lavamoat as they are all supply chain issues

[metamaskbot]

Builds ready [fd4e72b]

Storybook: Storybook

[metamaskbot]

Builds ready [c9e9380]

Storybook: Storybook

[metamaskbot]

Builds ready [aaba235]

Storybook: Storybook