@biscuit-auth/biscuit-wasm - npm Package Compare versions

Comparing version 0.1.0 to 0.1.1

package.json

 {
   "name": "@biscuit-auth/biscuit-wasm",
   "description": "WebAssembly wrapper for Biscuit authorization tokens",
-  "version": "0.1.0",
+  "version": "0.1.1",
   "license": "Apache-2.0",
@@ -10,10 +10,27 @@ "repository": {
   },
+  "scripts": {
+    "build-esm": "wasm-pack build --target bundler --out-dir module --out-name biscuit --scope biscuit-auth",
+    "build-cjs": "wasm-pack build --target nodejs --out-dir dist --out-name biscuit --scope biscuit-auth",
+    "remove-pkg-cruft": "rm module/package.json dist/package.json dist/.gitignore module/.gitignore dist/README.md module/README.md",
+    "prepare-package": "npm run build-esm && npm run build-cjs && npm run remove-pkg-cruft && cp performance.js dist/snippets/*/inline0.js"
+  },
   "files": [
-    "biscuit_bg.wasm",
-    "biscuit.js",
-    "biscuit.d.ts"
+    "module/biscuit_bg.wasm",
+    "module/biscuit.js",
+    "module/biscuit.d.ts",
+    "module/snippets",
+    "dist/biscuit_bg.wasm",
+    "dist/biscuit.js",
+    "dist/biscuit_bg.js",
+    "dist/biscuit.d.ts",
+    "dist/snippets"
   ],
-  "module": "biscuit.js",
-  "types": "biscuit.d.ts",
-  "sideEffects": false
-}
+  "main": "dist/biscuit.js",
+  "exports": {
+    "require": "./dist/biscuit.js",
+    "import": "./module/biscuit.js"
+  },
+  "module": "module/biscuit.js",
+  "sideEffects": "false",
+  "types": "dist/biscuit.d.ts"
+}

README.md

 # Biscuit-Wasm
 
 This library wraps the [Rust implementation](https://github.com/biscuit-auth) of [Biscuit tokens](https://www.biscuitsec.org) in WebAssembly, for usage in NodeJS and browsers.
+
+It provides both CommonJS and EcmaScript modules, along with TypeScript type definitions.
+
+## License
+
+Licensed under the Apache 2.0 License.
+
+Copyright 2021 Geoffroy Couprie

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Native code

Supply chain risk

Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.

Found 2 instances in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Native code

Supply chain risk

Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.

Found 1 instance in 1 package

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

2784374

increased by105.47%

Number of package files

11

increased by83.33%

Lines of code

1369

increased by55.39%

Number of lines in readme file

12

increased by200%

Worsened metrics

Number of low supply chain risk alerts

2

increased byInfinity%

Number of medium supply chain risk alerts

3

increased by50%

No dependency changes