@knit/needle
Advanced tools
@knit/needle - npm Package Compare versions
Comparing version 0.5.0 to 0.6.0
@@ -21,2 +21,4 @@ "use strict"; | ||
| require("dotenv").config(); | ||
| var path = require("path"); | ||
@@ -31,4 +33,4 @@ var readPkgUp = require("read-pkg-up"); | ||
| var SRC_STUB = pkgPaths.src || "src"; | ||
| var MOD_STUB = pkgPaths.modulesStub || path.join(SRC_STUB, "modules"); | ||
| var DIST_STUB = pkgPaths.distStub || "dist"; | ||
| var MOD_STUB = process.env.KNIT_WORKING_DIR || path.join(SRC_STUB, "modules"); | ||
| var DIST_STUB = process.env.KNIT_OUTPUT_DIR || "dist"; | ||
| var TESTS_STUB = pkgPaths.testsStub || "__tests__"; | ||
@@ -35,0 +37,0 @@ var DATA_STUB = pkgPaths.dataStub || "data"; |
@@ -21,6 +21,7 @@ { | ||
| "description": "Knitting needle", | ||
| "version": "0.5.0", | ||
| "version": "0.6.0", | ||
| "dependencies": { | ||
| "dotenv": "4.0.0", | ||
| "read-pkg-up": "2.0.0" | ||
| } | ||
| } |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.1%
70799
- Lines of code
- increased by1.92%
53
Worsened metrics
- Dependency count
- increased by100%
2
- Number of low supply chain risk alerts
- increased by28.57%
9
Dependency changes
+ Addeddotenv@4.0.0
+ Addeddotenv@4.0.0(transitive)