@catalog/standalone - npm Package Compare versions

Comparing version 0.0.3 to 0.0.4-alpha.0

package.json

 {
   "name": "@catalog/standalone",
-  "version": "0.0.3",
+  "version": "0.0.4-alpha.0+e84d341",
   "description": "Standalone version of Catalog",
@@ -10,22 +10,7 @@ "homepage": "https://www.catalog.style/",
   "unpkg": "catalog.min.js",
-  "scripts": {
-    "prepublishOnly": "make build"
+  "peerDependencies": {
+    "@babel/standalone": "^7.1.0"
   },
   "devDependencies": {
-    "@babel/core": "^7.1.0",
-    "@babel/polyfill": "^7.0.0",
-    "@babel/preset-env": "^7.1.0",
-    "@catalog/core": "^0.0.3",
-    "ramda": "^0.25.0",
-    "react": "^16.3.2",
-    "react-dom": "^16.3.2",
-    "rollup": "^0.66.2",
-    "rollup-plugin-babel": "^4.0.3",
-    "rollup-plugin-commonjs": "^9.1.3",
-    "rollup-plugin-node-resolve": "^3.0.2",
-    "rollup-plugin-replace": "^2.0.0",
-    "rollup-plugin-terser": "^3.0.0",
-    "rollup-watch": "^4.3.1",
-    "serve": "^10.0.2",
-    "unfetch": "^4.0.1"
+    "@catalog/core": "^0.0.4-alpha.0+e84d341"
   },
@@ -39,3 +24,4 @@ "repository": {
     "access": "public"
-  }
+  },
+  "gitHead": "e84d3415a21bdccc6f4f2f083c303cc4a12596ef"
 }

New alerts

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Manifest confusion

Supply chain risk

This package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Fixed alerts

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Improved metrics

Dev dependency count

1

decreased by-93.75%

Number of package files

5

increased by25%

Number of medium supply chain risk alerts

6

decreased by-25%

Worsened metrics

Total package byte prevSize

278058

decreased by-88.03%

Dependency count

1

increased byInfinity%

Lines of code

6066

decreased by-88.37%

Number of low supply chain risk alerts

8

increased by60%

No dependency changes