@fellow/coffeelint - npm Package Compare versions

Comparing version 2.0.7 to 2.0.8

package.json

 {
   "name": "@fellow/coffeelint",
-  "description": "Lint your CoffeeScript",
-  "version": "2.0.7",
-  "homepage": "http://www.coffeelint.org",
-  "keywords": [
-    "lint",
-    "coffeescript",
-    "coffee-script"
-  ],
-  "author": "Matthew Perpick <clutchski@gmail.com>",
-  "main": "./lib/coffeelint.js",
-  "engines": {
-    "npm": ">=1.3.7",
-    "node": ">=6.9.1"
+  "version": "2.0.8",
+  "deprecation": "Deprecated, use @fellow/coffeelint2",
+  "description": "Deprecated, use @fellow/coffeelint2",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1"
   },
-  "repository": {
-    "type": "git",
-    "url": "git://github.com/clutchski/coffeelint.git"
-  },
-  "bin": {
-    "coffeelint": "./bin/coffeelint"
-  },
-  "dependencies": {
-    "coffeescript": "~2.1.1",
-    "glob": "^7.0.6",
-    "ignore": "^3.0.9",
-    "optimist": "^0.6.1",
-    "resolve": "^0.6.3",
-    "strip-json-comments": "^1.0.2"
-  },
-  "devDependencies": {
-    "underscore": ">=1.4.4",
-    "vows": ">=0.8.1"
-  },
-  "license": "MIT",
-  "scripts": {
-    "pretest": "cake compile",
-    "test": "./vowsrunner.js --spec test/*.coffee test/*.litcoffee",
-    "testrule": "npm run compile && ./vowsrunner.js --spec",
-    "posttest": "npm run lint",
-    "prepare": "npm run prepublish",
-    "prepublish": "cake prepublish",
-    "postpublish": "cake postpublish",
-    "publish": "cake publish",
-    "lint": "cake compile && ./bin/coffeelint .",
-    "lint-csv": "cake compile && ./bin/coffeelint --csv .",
-    "lint-jslint": "cake compile && ./bin/coffeelint --jslint .",
-    "compile": "cake compile"
-  }
-}
+  "author": "",
+  "license": "ISC"
+}

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Empty package

Supply chain risk

Package does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

No README

Quality

Package does not have a README. This may indicate a failed publish or a low quality package.

Found 1 instance in 1 package

No contributors or author data

Maintenance

Package does not specify a list of contributors or an author in package.json.

Found 1 instance in 1 package

No repository

Supply chain risk

Package does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.

Found 1 instance in 1 package

No tests

Quality

Package does not have any tests. This is a strong signal of a poorly maintained or low quality package.

Found 1 instance in 1 package

No website

Quality

Package does not have a website.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 4 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Improved metrics

Dependency count

0

decreased by-100%

Dev dependency count

0

decreased by-100%

Number of low supply chain risk alerts

1

decreased by-96.3%

Worsened metrics

Total package byte prevSize

305

decreased by-99.81%

Number of package files

1

decreased by-95.65%

Lines of code

0

decreased by-100%

Number of low maintenance alerts

3

increased by50%

Number of low quality alerts

2

increased byInfinity%

Number of medium quality alerts

2

increased by100%

Number of lines in readme file

0

decreased by-100%

Number of medium supply chain risk alerts

3

increased byInfinity%

Dependency changes

• - Removedcoffeescript@~2.1.1

• - Removedglob@^7.0.6

• - Removedignore@^3.0.9

• - Removedoptimist@^0.6.1

• - Removedresolve@^0.6.3

• - Removedstrip-json-comments@^1.0.2

• - Removedbalanced-match@1.0.2(transitive)

• - Removedbrace-expansion@1.1.11(transitive)

• - Removedcoffeescript@2.1.1(transitive)

• - Removedconcat-map@0.0.1(transitive)

• - Removedfs.realpath@1.0.0(transitive)

• - Removedglob@7.2.3(transitive)

• - Removedignore@3.3.10(transitive)

• - Removedinflight@1.0.6(transitive)

• - Removedinherits@2.0.4(transitive)

• - Removedminimatch@3.1.2(transitive)

• - Removedminimist@0.0.10(transitive)

• - Removedonce@1.4.0(transitive)

• - Removedoptimist@0.6.1(transitive)

• - Removedpath-is-absolute@1.0.1(transitive)

• - Removedresolve@0.6.3(transitive)

• - Removedstrip-json-comments@1.0.4(transitive)

• - Removedwordwrap@0.0.3(transitive)

• - Removedwrappy@1.0.2(transitive)