@obot/lib
Advanced tools
Comparing version 0.0.0 to 0.2.2
| { | ||
| "name": "@obot/lib", | ||
| "version": "0.0.0", | ||
| "description": "", | ||
| "main": "index.js", | ||
| "scripts": { | ||
| "test": "echo \"Error: no test specified\" && exit 1" | ||
| "version": "0.2.2", | ||
| "description": "An abstraction layer for creating Byteball chatbot", | ||
| "main": "dist/cjs/index.js", | ||
| "module": "dist/es/index.mjs", | ||
| "types": "types/index.d.ts", | ||
| "files": [ | ||
| "bin", | ||
| "dist", | ||
| "types" | ||
| ], | ||
| "repository": "github:DrSensor/bot-byte", | ||
| "homepage": "https://drsensor.github.io/bot-byte", | ||
| "keywords": [ | ||
| "obyte", | ||
| "chatbot", | ||
| "library" | ||
| ], | ||
| "author": "Fahmi Akbar Wildana @DrSensor", | ||
| "license": "MIT", | ||
| "dependencies": { | ||
| "ocore": "github:byteball/ocore", | ||
| "strict-event-emitter-types": "^2.0.0", | ||
| "tslib": "^1.9.3" | ||
| }, | ||
| "repository": { | ||
| "type": "git", | ||
| "url": "git+https://github.com/DrSensor/bot-byte.git" | ||
| "devDependencies": { | ||
| "headless-obyte": "github:byteball/headless-obyte" | ||
| }, | ||
| "author": "", | ||
| "license": "MIT", | ||
| "bugs": { | ||
| "url": "https://github.com/DrSensor/bot-byte/issues" | ||
| }, | ||
| "homepage": "https://github.com/DrSensor/bot-byte#readme" | ||
| "gitHead": "58de61a8742746bb925418bc927ebc2e7d36a486" | ||
| } |
New alerts
GitHub dependency
Supply chain riskContains a dependency which resolves to a GitHub URL. Dependencies fetched from GitHub specifiers are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
No bug tracker
MaintenancePackage does not have a linked bug tracker in package.json.
Found 1 instance in 1 package
No repository
Supply chain riskPackage does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.
Found 1 instance in 1 package
No website
QualityPackage does not have a website.
Found 1 instance in 1 package
Fixed alerts
Empty package
Supply chain riskPackage does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.
Found 1 instance in 1 package
No contributors or author data
MaintenancePackage does not specify a list of contributors or an author in package.json.
Found 1 instance in 1 package
No tests
QualityPackage does not have any tests. This is a strong signal of a poorly maintained or low quality package.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by21799.55%
96358
- Number of package files
- increased by1600%
17
- Lines of code
- increased byInfinity%
2301
Worsened metrics
- Dependency count
- increased byInfinity%
3
- Dev dependency count
- increased byInfinity%
1
- Number of high supply chain risk alerts
- increased byInfinity%
1
- Number of low supply chain risk alerts
- increased byInfinity%
5
Dependency changes
+ Addedocore@github:byteball/ocore
+ Addedtslib@^1.9.3
+ Addedstrict-event-emitter-types@2.0.0(transitive)
+ Addedtslib@1.14.1(transitive)