@mapbox/bundle-fairy - npm Package Compare versions

Comparing version 0.1.0 to 0.2.0-dev1

index.js

@@ -204,3 +204,3 @@ var fs = require('fs');
     if (err) { throw err; }
-    var buf = new Buffer(2);
+    var buf = new Buffer.alloc(2);
     fs.read(fd, buf, 0, 2, 0, function(err, bytes_read, data) {
@@ -207,0 +207,0 @@ if (err) { return callback(err); }

package.json

 {
   "name": "@mapbox/bundle-fairy",
-  "version": "0.1.0",
+  "version": "0.2.0-dev1",
   "description": "Check if ZIP is a bundle and extract",
@@ -30,3 +30,3 @@ "main": "index.js",
     "minimist": "^1.2.0",
-    "zipfile": "^0.5.9",
+    "zipfile": "^0.5.12",
     "mkdirp": "^0.5.1",
@@ -33,0 +33,0 @@ "rimraf": "^2.5.2"

readme.md

@@ -50,8 +50,8 @@ # bundle-fairy
 
-#### check if a file is a bundle, `isBundle()`
+#### check if a file is a bundle, `isbundle()`
 
 ```javascript
-fairy.isBundle('./path/to/file.zip', function(err, isbundle) {
+fairy.isbundle('./path/to/file.zip', function(err, isbundle) {
   if (err) throw err;
-  console.log(isbundle); // true! or false :(
+  console.log(isbundle); // `true` or `false`
 });
@@ -58,0 +58,0 @@ ```

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Native code

Supply chain risk

Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.

Found 11 instances in 1 package

Improved metrics

Number of medium supply chain risk alerts

2

decreased by-83.33%

Worsened metrics

Total package byte prevSize

6176913

decreased by-25.68%

Number of package files

33

decreased by-47.62%

Dependency changes

• Updatedzipfile@^0.5.12