search

baruchiro / use-route-as-state

Use React Router route and query string as component state
https://baruchiro.github.io/use-route-as-state/
MIT License
42 stars 7 forks source link

ChainAlert: Dependency "lru-cache" version 7.4.0 has new "prepare" script #164

Closed chainalert-bot closed 2 years ago

chainalert-bot commented 2 years ago

ChainAlert has detected a new "prepare" script in lru-cache in one of your project's dependencies - a suspicious new release of "lru-cache" version "7.4.0" on npm.
This script runs automatically upon installing the package.

scripts section from the package.json file of "lru-cache" version "7.4.0":

{
    "prepare": "webpack-cli -o bundle ./index.js --node-env production",
    "build": "npm run prepare",
    "presize": "npm run prepare",
    "test": "tap",
    "snap": "tap",
    "size": "size-limit",
    "preversion": "npm test",
    "postversion": "npm publish",
    "prepublishOnly": "git push origin --follow-tags"
}

We've already alerted lru-cache maintainers on https://github.com/chainalert-bot/private_alerts/issues/39

This is an automated notification by ChainAlert, a free service for the Open Source community by Checkmarx.
For any questions please contact us at supplychainsecurity@checkmarx.com

badge