@node-wot/td-tools - npm Package Compare versions

Comparing version 0.4.0 to 0.5.0

package.json

 {
   "name": "@node-wot/td-tools",
-  "version": "0.4.0",
+  "version": "0.5.0",
   "description": "W3C Web of Things (WoT) Thing Description parser, serializer, and other tools",
   "author": "Eclipse Thingweb <thingweb-dev@eclipse.org> (https://thingweb.io/)",
-  "license": "W3C-20150513",
+  "license": "EPL-2.0 OR W3C-20150513",
   "repository": "https://github.com/thingweb/node-wot/tree/master/packages/td-tools",
@@ -18,16 +18,19 @@ "publishConfig": {
     "@types/chai": "4.0.4",
-    "@types/node": "9.4.1",
+    "@types/node": "10.9.4",
     "chai": "4.1.2",
     "mocha": "3.5.3",
     "mocha-typescript": "1.1.8",
+    "ts-loader": "4.4.2",
     "ts-node": "3.3.0",
-    "typescript": "2.5.2",
-    "typescript-standard": "0.3.30"
+    "typescript": "2.9.2",
+    "typescript-standard": "0.3.30",
+    "webpack": "4.16.0",
+    "webpack-command": "^0.4.1",
+    "wot-typescript-definitions": "0.5.0"
   },
   "dependencies": {
-    "reflect-metadata": "0.1.10",
-    "wot-typescript-definitions": "0.4.0"
+    "is-absolute-url": "2.1.0"
   },
   "scripts": {
-    "build": "tsc",
+    "build": "tsc && webpack",
     "test": "mocha --compilers ts:ts-node/register",
@@ -34,0 +37,0 @@ "codestyle": "standard --pretty"

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Empty package

Supply chain risk

Package does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 2 instances in 1 package

Improved metrics

Dependency count

1

decreased by-50%

Number of low supply chain risk alerts

1

decreased by-83.33%

Worsened metrics

Total package byte prevSize

1077

decreased by-99.41%

Dev dependency count

12

increased by50%

Number of package files

1

decreased by-95%

License quality

90

decreased by-10%

Lines of code

0

decreased by-100%

Dependency changes

• + Addedis-absolute-url@2.1.0

• + Addedis-absolute-url@2.1.0(transitive)

• - Removedreflect-metadata@0.1.10

• - Removedwot-typescript-definitions@0.4.0

• - Removedreflect-metadata@0.1.10(transitive)

• - Removedrxjs@5.4.3(transitive)

• - Removedsymbol-observable@1.2.0(transitive)

• - Removedwot-typescript-definitions@0.4.0(transitive)