Update package.json

[jadoonf]

No description provided.

[jadoonf]

📊 Package size report   No changes

File	Before	After
Total (Includes all files)	11.0 kB	11.0 kB
Tarball size	4.1 kB	-0.07%↓4.1 kB

Unchanged files

File	Size
.github/workflows/explain.yml	736 B
.github/workflows/lstn.yml	432 B
.github/workflows/package-size-report.yml	536 B
.github/workflows/scanners.yml	1.0 kB
.github/workflows/test/lstn-cli-workflow.yml	2.0 kB
.github/workflows/test/lstn-dynamic.yml	378 B
.github/workflows/test/lstn-policy.yml	334 B
index.js	28 B
package.json	981 B
README.md	3.4 kB
rules.yml	1.2 kB

_{🤖 This report was automatically generated by pkg-size-action}

[github-actions]

listen.dev ∙ Security Report

critical 🚨 4

medium ⚠️ 5

low 🔷 1

🔍 The following behaviors have been detected in the dependency tree during installation

🚨 Critical severity

📑🔀	2 categories

• 📑 Metadata ∙ 1 package

  
  

  • 📦 chokidar@3.5.3 ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗

    
    

    • This package has inconsistent dependencies in the tarball's package.json ∙ 1 total occurrence

      
      

      Name	Version	Transitive Dependency	Occurrences	More
      chokidar	3.5.3		1	🔗

• 🔀 Typosquatting ∙ 3 packages

  
  

  • 📦 jq@1.7.2 ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗

    
    

    • The name of this package closely resembles other package names ("q") which are popular on NPM: it might be a typosquatting attempt ∙ 1 total occurrence

      
      

      Name	Version	Transitive Dependency	Occurrences	More
      jq	1.7.2		1	🔗

  • 📦 ink@3.2.0 ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗

    
    

    • The name of this package closely resembles other package names ("ini") which are popular on NPM: it might be a typosquatting attempt ∙ 1 total occurrence

      
      

      Name	Version	Transitive Dependency	Occurrences	More
      ink	3.2.0		1	🔗

  • 📦 findit@2.0.0 ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗

    
    

    • The name of this package closely resembles other package names ("findit2") which are popular on NPM: it might be a typosquatting attempt ∙ 1 total occurrence

      
      

      Name	Version	Transitive Dependency	Occurrences	More
      findit	2.0.0		1	🔗

---

⚠️ Medium severity

📡🔎	2 categories

• 📡 Dynamic instrumentation ∙ 1 package

  
  

  • 📦 jq@1.7.2 ∙ 4 occurrences ∙ 2 kind of issues ∙ open 🔗

    
    

    • npm install spawned a process ∙ 1 total occurrence

      
      

      Name	Version	Transitive Dependency	Occurrences	More
      contextify	0.1.15	✔️	1	🔗

    • unexpected outbound connection destination ∙ 3 total occurrences

      
      

      Name	Version	Transitive Dependency	Occurrences	More
      contextify	0.1.15	✔️	3	🔗

• 🔎 Static analysis ∙ 1 package

  
  

  • 📦 ink@3.2.0 ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗

    
    

    • install script detected in package.json ∙ 1 total occurrence

      
      

      Name	Version	Transitive Dependency	Occurrences	More
      ink	3.2.0		1	🔗

---

🔷 Low severity

📑	1 category

• 📑 Metadata ∙ 1 package

  
  

  • 📦 source-map-support@0.5.21 ∙ 1 occurrence ∙ 1 kind of issue ∙ open 🔗

    
    

    • This package version is 0.X.Y: the semver spec mandates those versions for initial development meaning that anything may change at any time and the public API of this package should not be considered stable. ∙ 1 total occurrence

      
      

      Name	Version	Transitive Dependency	Occurrences	More
      source-map-support	0.5.21		1	🔗

---

### 🚩 Some problems have been encountered

🔗 Package not analysed yet ∙ 2 occurrences ∙ Package not analysed yet

• tap-mocha-reporter@5.0.4
• @types/react@17.0.69

See docs 🔗

---

Powered by listen.dev