@changesets/config - npm Package Compare versions

Comparing version 2.3.1 to 3.0.0

dist/declarations/src/index.d.ts

@@ -0,0 +0,0 @@ import { Packages } from "@manypkg/get-packages";

package.json

 {
   "name": "@changesets/config",
-  "version": "2.3.1",
+  "version": "3.0.0",
   "description": "Utilities for reading and parsing Changeset's config",
-  "main": "dist/config.cjs.js",
-  "module": "dist/config.esm.js",
+  "main": "dist/changesets-config.cjs.js",
+  "module": "dist/changesets-config.esm.js",
+  "exports": {
+    ".": {
+      "types": {
+        "import": "./dist/changesets-config.cjs.mjs",
+        "default": "./dist/changesets-config.cjs.js"
+      },
+      "module": "./dist/changesets-config.esm.js",
+      "import": "./dist/changesets-config.cjs.mjs",
+      "default": "./dist/changesets-config.cjs.js"
+    },
+    "./package.json": "./package.json"
+  },
   "license": "MIT",
@@ -14,6 +26,6 @@ "repository": "https://github.com/changesets/changesets/tree/main/packages/config",
   "dependencies": {
-    "@changesets/errors": "^0.1.4",
-    "@changesets/get-dependents-graph": "^1.3.6",
-    "@changesets/logger": "^0.0.5",
-    "@changesets/types": "^5.2.1",
+    "@changesets/errors": "^0.2.0",
+    "@changesets/get-dependents-graph": "^2.0.0",
+    "@changesets/logger": "^0.1.0",
+    "@changesets/types": "^6.0.0",
     "@manypkg/get-packages": "^1.1.3",
@@ -20,0 +32,0 @@ "fs-extra": "^7.0.1",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Improved metrics

Number of package files

11

increased by10%

Number of low supply chain risk alerts

3

decreased by-40%

Worsened metrics

Total package byte prevSize

41278

decreased by-25.63%

Lines of code

773

decreased by-15.43%

Number of medium supply chain risk alerts

1

increased byInfinity%

Dependency changes

• + Added@changesets/errors@0.2.0(transitive)

• + Added@changesets/get-dependents-graph@2.1.2(transitive)

• + Added@changesets/logger@0.1.1(transitive)

• + Added@changesets/types@6.0.0(transitive)

• + Addedpicocolors@1.1.0(transitive)

• - Removed@changesets/errors@0.1.4(transitive)

• - Removed@changesets/get-dependents-graph@1.3.6(transitive)

• - Removed@changesets/logger@0.0.5(transitive)

• - Removed@changesets/types@5.2.1(transitive)

• - Removedansi-styles@3.2.1(transitive)

• - Removedchalk@2.4.2(transitive)

• - Removedcolor-convert@1.9.3(transitive)

• - Removedcolor-name@1.1.3(transitive)

• - Removedescape-string-regexp@1.0.5(transitive)

• - Removedhas-flag@3.0.0(transitive)

• - Removedsupports-color@5.5.0(transitive)

• Updated@changesets/errors@^0.2.0

• Updated@changesets/get-dependents-graph@^2.0.0

• Updated@changesets/logger@^0.1.0

• Updated@changesets/types@^6.0.0