@datachecker/faceverify - npm Package Compare versions

Comparing version 0.0.2 to 3.0.0

package.json

 {
   "name": "@datachecker/faceverify",
-  "version": "v0.0.2",
+  "version": "v3.0.0",
   "description": "This project contains Datachecker's FaceVerify tool, that captures images of faces to be used in liveness detection. The tool only takes a capture once the trigger mechanism is fired.",
@@ -11,3 +11,7 @@ "main": "dist/faceverify.obf.js",
     "build": "webpack",
-    "test": "echo \"Error: no test specified\" && exit 1"
+    "start-server": "http-server -p 3000",
+    "cypress:open": "cypress open --project tests",
+    "cypress:run": "cypress run --project tests",
+    "test:e2e": "npm run start-server & npm run cypress:run",
+    "test": "jest --coverage --config=tests/jest.config.js"
   },
@@ -25,6 +29,14 @@ "repository": {
   "devDependencies": {
+    "@babel/core": "^7.23.9",
+    "@babel/preset-env": "^7.23.9",
+    "babel-jest": "^29.7.0",
     "copy-webpack-plugin": "^12.0.2",
     "css-loader": "^6.9.1",
+    "cypress": "^13.6.4",
     "file-loader": "^6.2.0",
+    "http-server": "^14.1.1",
     "javascript-obfuscator": "^4.1.0",
+    "jest": "^29.7.0",
+    "jest-canvas-mock": "^2.5.2",
+    "jest-environment-jsdom": "^29.7.0",
     "style-loader": "^3.3.4",
@@ -38,2 +50,3 @@ "url-loader": "^4.1.1",
     "dist/",
+    "CHANGELOG.md",
     "README.md",
@@ -40,0 +53,0 @@ "LICENSE.md"

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Manifest confusion

Supply chain risk

This package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Deprecated

Maintenance

The maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed.

Found 1 instance in 1 package

Manifest confusion

Supply chain risk

This package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.

Found 1 instance in 1 package

Debug access

Supply chain risk

Uses debug, reflection and dynamic code execution features.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Minified code

Quality

This package contains minified code. This may be harmless in some cases where minified code is included in packaged libraries, however packages on npm should not minify code.

Found 1 instance in 1 package

No tests

Quality

Package does not have any tests. This is a strong signal of a poorly maintained or low quality package.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Improved metrics

Number of medium maintenance alerts

0

decreased by-100%

Number of low quality alerts

4

decreased by-63.64%

Number of low supply chain risk alerts

5

decreased by-61.54%

Number of medium supply chain risk alerts

14

decreased by-65%

Worsened metrics

Total package byte prevSize

36525362

decreased by-48.96%

Dev dependency count

17

increased by88.89%

Number of package files

23

decreased by-54.9%

Lines of code

2002

decreased by-0.25%

No dependency changes