@herodotus_dev/mmr-hashes - npm Package Compare versions

Comparing version 1.1.1 to 1.1.2

package.json

 {
   "name": "@herodotus_dev/mmr-hashes",
-  "version": "1.1.1",
+  "version": "1.1.2",
   "description": "A TypeScript implementation of Merkle Mountain Ranges",
@@ -33,11 +33,10 @@ "keywords": [
     "build": "tsc",
-    "import:wasm": "cp -R src/pedersen lib",
-    "postinstall": "yarn import:wasm",
-    "postbuild": "yarn import:wasm"
+    "postbuild": "yarn import:wasm",
+    "import:wasm": "cp -R src/pedersen lib"
   },
   "dependencies": {
     "@herodotus_dev/mmr-core": "^1.1.1",
-    "@types/node": "^18.14.4"
+    "@types/node": "^18.14.5"
   },
-  "gitHead": "d602a4302bf19ef2f3ef6e003e0d73c357dee4dd"
+  "gitHead": "433d3c4db886fd9b9139c4c539dfb2e8c92cf879"
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Install scripts

Supply chain risk

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Found 1 instance in 1 package

Native code

Supply chain risk

Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.

Found 1 instance in 1 package

Improved metrics

Number of high supply chain risk alerts

0

decreased by-100%

Number of low supply chain risk alerts

2

decreased by-50%

Number of medium supply chain risk alerts

1

decreased by-50%

Worsened metrics

Total package byte prevSize

131254

decreased by-49.28%

Number of package files

14

decreased by-30%

Lines of code

245

decreased by-45.31%

Dependency changes

• Updated@types/node@^18.14.5