@catalog/standalone - npm Package Compare versions

Comparing version 4.0.0 to 4.0.1-canary.0

package.json

 {
   "name": "@catalog/standalone",
-  "version": "4.0.0",
+  "version": "4.0.1-canary.0",
   "description": "Standalone version of Catalog",
   "homepage": "https://www.catalog.style/",
   "bugs": "https://github.com/interactivethings/catalog/issues",
-  "main": "catalog.js",
-  "module": "catalog.js",
+  "main": "catalog.min.js",
   "unpkg": "catalog.min.js",
+  "files": [
+    "catalog.development.js",
+    "catalog.min.js"
+  ],
+  "scripts": {
+    "watch": "rollup -c rollup.config.js --watch",
+    "build": "rollup -c rollup.config.js"
+  },
   "peerDependencies": {
@@ -14,3 +21,3 @@ "@babel/standalone": "^7.1.0"
   "devDependencies": {
-    "@catalog/core": "^4.0.0"
+    "@catalog/core": "^4.0.1-canary.0"
   },
@@ -25,3 +32,3 @@ "repository": {
   },
-  "gitHead": "69ab8b76e81eb9080460fc99100e38a8f324f77b"
+  "gitHead": "dab78e97dadd63a1126cf03ae9106f0c34930922"
 }

New alerts

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Fixed alerts

Deprecated

Maintenance

The maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

2418896

increased by770.03%

Lines of code

48221

increased by694.94%

Number of medium maintenance alerts

0

decreased by-100%

Number of low supply chain risk alerts

5

decreased by-37.5%

Worsened metrics

Number of low quality alerts

2

increased by100%

No dependency changes