@movable/rollup-plugin-package-manifest-validator - npm Package Compare versions

Comparing version 2.33.4-imageAnchoring.1 to 2.34.0

package.json

 {
   "name": "@movable/rollup-plugin-package-manifest-validator",
-  "version": "2.33.4-imageAnchoring.1",
+  "version": "2.34.0",
   "description": "Validates package-manifest.yml",
@@ -32,3 +32,3 @@ "main": "dist",
     "regenerator-runtime": "^0.13.7",
-    "rollup": "^2.50.1"
+    "rollup": "^2.52.2"
   },
@@ -42,3 +42,3 @@ "dependencies": {
   },
-  "gitHead": "8d4d643fcb0bcc9f0d085c11f1e1c6495f068d54"
+  "gitHead": "7575585f04ee4c9aaa56006d0a4ce02abbfc6cbb"
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Improved metrics

Number of low quality alerts

1

decreased by-50%

Number of medium supply chain risk alerts

0

decreased by-100%

Worsened metrics

Total package byte prevSize

81782

decreased by-0.02%

No dependency changes