@momentum-ui/design-tokens - npm Package Compare versions

Comparing version 0.0.1 to 0.0.2

package.json

 {
+  "dependencies": {},
   "name": "@momentum-ui/design-tokens",
-  "description": "To generate a flat token file for a particular theme",
-  "version": "0.0.1",
-  "author": "Cisco's Webex",
-  "license": "MIT",
+  "description": "See [documentation on Confluence](https://confluence-eng-gpk2.cisco.com/conf/display/~pauwitty/Token+proposal)",
+  "version": "0.0.2",
   "main": "./dist/index.css",
-  "repository": "https://github.com/momentum-design/momentum-ui.git",
-  "dependencies": {},
   "devDependencies": {
@@ -17,2 +14,17 @@ "args-parser": "^1.2.0",
   },
+  "scripts": {
+    "build:clean": "rimraf ./dist",
+    "build:css": "npm run build:clean && node theme_generator.js --platform=web themes/* --sizeUnit=rem",
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+ssh://git@github.com/momentum-design/tokens.git"
+  },
+  "author": "Cisco's Webex",
+  "license": "MIT",
+  "bugs": {
+    "url": "https://github.com/momentum-design/tokens/issues"
+  },
+  "homepage": "https://github.com/momentum-design/tokens#readme",
   "publishConfig": {
@@ -19,0 +31,0 @@ "access": "public",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

No tests

Quality

Package does not have any tests. This is a strong signal of a poorly maintained or low quality package.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

No README

Quality

Package does not have a README. This may indicate a failed publish or a low quality package.

Found 1 instance in 1 package

No bug tracker

Maintenance

Package does not have a linked bug tracker in package.json.

Found 1 instance in 1 package

No repository

Supply chain risk

Package does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.

Found 1 instance in 1 package

No website

Quality

Package does not have a website.

Found 1 instance in 1 package

Improved metrics

Number of package files

39

increased by178.57%

Lines of code

6967

increased by51.06%

Number of low maintenance alerts

0

decreased by-100%

Number of medium quality alerts

1

decreased by-50%

Number of lines in readme file

29

increased byInfinity%

Worsened metrics

Total package byte prevSize

207728

decreased by-23.46%

Number of medium supply chain risk alerts

2

increased byInfinity%

No dependency changes