@microsoft/rush-lib
Advanced tools
@microsoft/rush-lib - npm Package Compare versions
Comparing version 0.0.0 to 1.4.0
| { | ||
| "name": "@microsoft/rush-lib", | ||
| "version": "0.0.0", | ||
| "description": "", | ||
| "main": "index.js", | ||
| "version": "1.4.0", | ||
| "description": "Library support for the Rush tool", | ||
| "main": "lib/index.js", | ||
| "typings": "lib/index.d.ts", | ||
| "scripts": { | ||
| "test": "echo \"Error: no test specified\" && exit 1" | ||
| "build": "gulp", | ||
| "test": "gulp test", | ||
| "clean": "gulp clean" | ||
| }, | ||
| "keywords": [], | ||
| "author": "", | ||
| "license": "ISC" | ||
| "license": "SEE LICENSE IN LICENSE.docx", | ||
| "dependencies": { | ||
| "@types/es6-collections": "^0.5.29", | ||
| "@types/node": ">=6.0.51 <7.0.0", | ||
| "@microsoft/stream-collator": "~1.0.2", | ||
| "fs-extra": "~0.26.0", | ||
| "@types/fs-extra": "~0.0.34", | ||
| "jju": "~1.3.0", | ||
| "rimraf": "~2.5.2", | ||
| "semver": "~5.2.0", | ||
| "z-schema": "~3.17.0" | ||
| }, | ||
| "devDependencies": { | ||
| "@microsoft/sp-build-node": "~0.2.0", | ||
| "chai": "~3.5.0", | ||
| "@types/chai": "^3.4.34", | ||
| "gulp": "~3.9.1", | ||
| "mocha": "~2.5.3", | ||
| "@types/mocha": "^2.2.32" | ||
| } | ||
| } |
New alerts
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Misc. License Issues
License(Experimental) A package's licensing information has fine-grained problems.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
No contributors or author data
MaintenancePackage does not specify a list of contributors or an author in package.json.
Found 1 instance in 1 package
Fixed alerts
Empty package
Supply chain riskPackage does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.
Found 1 instance in 1 package
No README
QualityPackage does not have a README. This may indicate a failed publish or a low quality package.
Found 1 instance in 1 package
No tests
QualityPackage does not have any tests. This is a strong signal of a poorly maintained or low quality package.
Found 1 instance in 1 package
No v1
QualityPackage is not semver >=1. This means it is not stable and does not support ^ ranges.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by124719.4%
289581
- Number of package files
- increased by6700%
68
- Lines of code
- increased byInfinity%
2716
- Number of low quality alerts
- decreased by-66.67%
1
- Number of medium quality alerts
- decreased by-100%
0
- Number of lines in readme file
- increased byInfinity%
15
Worsened metrics
- Dependency count
- increased byInfinity%
9
- Dev dependency count
- increased byInfinity%
6
- Number of medium license alerts
- increased byInfinity%
1
- Number of low supply chain risk alerts
- increased by800%
9
- Number of medium supply chain risk alerts
- increased by500%
6
Dependency changes
+ Added@types/fs-extra@~0.0.34
+ Added@types/node@>=6.0.51 <7.0.0
+ Addedfs-extra@~0.26.0
+ Addedjju@~1.3.0
+ Addedrimraf@~2.5.2
+ Addedsemver@~5.2.0
+ Addedz-schema@~3.17.0
+ Added@microsoft/stream-collator@1.0.2(transitive)
+ Added@types/es6-collections@0.5.36(transitive)
+ Added@types/fs-extra@0.0.37(transitive)
+ Added@types/node@6.0.1186.14.13(transitive)
+ Addedajv@6.12.6(transitive)
+ Addedasn1@0.2.6(transitive)
+ Addedassert-plus@1.0.0(transitive)
+ Addedasynckit@0.4.0(transitive)
+ Addedaws-sign2@0.7.0(transitive)
+ Addedaws4@1.13.2(transitive)
+ Addedbalanced-match@1.0.2(transitive)
+ Addedbcrypt-pbkdf@1.0.2(transitive)
+ Addedbrace-expansion@1.1.11(transitive)
+ Addedcaseless@0.12.0(transitive)
+ Addedcolors@1.1.2(transitive)
+ Addedcombined-stream@1.0.8(transitive)
+ Addedcommander@2.20.3(transitive)
+ Addedconcat-map@0.0.1(transitive)
+ Addedcore-util-is@1.0.2(transitive)
+ Addeddashdash@1.14.1(transitive)
+ Addeddelayed-stream@1.0.0(transitive)
+ Addedecc-jsbn@0.1.2(transitive)
+ Addedextend@3.0.2(transitive)
+ Addedextsprintf@1.3.0(transitive)
+ Addedfast-deep-equal@3.1.3(transitive)
+ Addedfast-json-stable-stringify@2.1.0(transitive)
+ Addedforever-agent@0.6.1(transitive)
+ Addedform-data@2.3.3(transitive)
+ Addedfs-extra@0.26.7(transitive)
+ Addedfs.realpath@1.0.0(transitive)
+ Addedgetpass@0.1.7(transitive)
+ Addedglob@7.2.3(transitive)
+ Addedgraceful-fs@4.2.11(transitive)
+ Addedhar-schema@2.0.0(transitive)
+ Addedhar-validator@5.1.5(transitive)
+ Addedhttp-signature@1.2.0(transitive)
+ Addedinflight@1.0.6(transitive)
+ Addedinherits@2.0.4(transitive)
+ Addedis-typedarray@1.0.0(transitive)
+ Addedisstream@0.1.2(transitive)
+ Addedjju@1.3.0(transitive)
+ Addedjsbn@0.1.1(transitive)
+ Addedjson-schema@0.4.0(transitive)
+ Addedjson-schema-traverse@0.4.1(transitive)
+ Addedjson-stringify-safe@5.0.1(transitive)
+ Addedjsonfile@2.4.0(transitive)
+ Addedjsprim@1.4.2(transitive)
+ Addedklaw@1.3.1(transitive)
+ Addedlodash.get@4.4.2(transitive)
+ Addedmime-db@1.52.0(transitive)
+ Addedmime-types@2.1.35(transitive)
+ Addedminimatch@3.1.2(transitive)
+ Addedoauth-sign@0.9.0(transitive)
+ Addedonce@1.4.0(transitive)
+ Addedpath-is-absolute@1.0.1(transitive)
+ Addedperformance-now@2.1.0(transitive)
+ Addedpsl@1.15.0(transitive)
+ Addedpunycode@2.3.1(transitive)
+ Addedqs@6.5.3(transitive)
+ Addedrequest@2.88.2(transitive)
+ Addedrimraf@2.5.4(transitive)
+ Addedsafe-buffer@5.2.1(transitive)
+ Addedsafer-buffer@2.1.2(transitive)
+ Addedsemver@5.2.0(transitive)
+ Addedsshpk@1.18.0(transitive)
+ Addedtough-cookie@2.5.0(transitive)
+ Addedtunnel-agent@0.6.0(transitive)
+ Addedtweetnacl@0.14.5(transitive)
+ Addeduri-js@4.4.1(transitive)
+ Addeduuid@3.4.0(transitive)
+ Addedvalidator@5.7.0(transitive)
+ Addedverror@1.10.0(transitive)
+ Addedwrappy@1.0.2(transitive)
+ Addedz-schema@3.17.0(transitive)