@cumulus/checksum - npm Package Compare versions

Comparing version 1.11.2-alpha3 to 1.12.0

package.json

 {
   "name": "@cumulus/checksum",
-  "version": "1.11.2-alpha3",
+  "version": "1.12.0",
   "description": "Cumulus checksum utilities",
@@ -39,3 +39,4 @@ "engines": {
     "nyc": "^13.3.0"
-  }
+  },
+  "gitHead": "bffc25da88e2ec3639e1b265f660ec3633d75cea"
 }

validate.js

@@ -16,3 +16,3 @@ 'use strict';
 async function validateChecksumFromStream(algorithm, stream, expectedSum, options = {}) {
-  const calculatedSum = generateChecksumFromStream(algorithm, stream, options);
+  const calculatedSum = await generateChecksumFromStream(algorithm, stream, options);
   return expectedSum === calculatedSum;
@@ -19,0 +19,0 @@ }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

14278

increased by220.57%

Number of package files

6

increased by20%

Number of low quality alerts

1

decreased by-50%

Worsened metrics

Number of medium supply chain risk alerts

1

increased byInfinity%

No dependency changes