@podium/schemas - npm Package Compare versions

Comparing version 5.0.0-next.3 to 5.0.0-next.4

CHANGELOG.md

@@ -0,1 +1,8 @@
+# [5.0.0-next.4](https://github.com/podium-lib/schemas/compare/v5.0.0-next.3...v5.0.0-next.4) (2021-04-25)
+
+
+### Bug Fixes
+
+* Use ESM workaround for dirname to find path to schema ([#113](https://github.com/podium-lib/schemas/issues/113)) ([ed40808](https://github.com/podium-lib/schemas/commit/ed408081e4c56e4ba794839459331d5454e0c5f3))
+
 # [5.0.0-next.3](https://github.com/podium-lib/schemas/compare/v5.0.0-next.2...v5.0.0-next.3) (2021-04-25)
@@ -2,0 +9,0 @@

package.json

 {
   "name": "@podium/schemas",
-  "version": "5.0.0-next.3",
+  "version": "5.0.0-next.4",
   "type": "module",
@@ -30,6 +30,6 @@ "description": "Schemas for validating the @podium contract.",
   ],
-  "main": "./dist/cjs/validate.js",
+  "main": "./dist/validate.js",
   "exports": {
-    "import": "./dist/esm/validate.js",
-    "require": "./dist/cjs/validate.js"
+    "require": "./dist/validate.js",
+    "import": "./src/validate.js"
   },
@@ -45,4 +45,3 @@ "scripts": {
     "ajv": "8.1.0",
-    "ajv-formats": "2.0.2",
-    "find-up": "5.0.0"
+    "ajv-formats": "2.0.2"
   },
@@ -49,0 +48,0 @@ "devDependencies": {

src/schema.js

@@ -1,7 +0,10 @@
-import findUp from 'find-up';
+import { join, dirname } from 'path';
+import { fileURLToPath } from 'url';
 import fs from 'fs';
 
-const schema = findUp.sync('schema/manifest.schema.json');
+const currentDirectory = dirname(fileURLToPath(import.meta.url));
+
+const schema = join(currentDirectory, '../schema/manifest.schema.json');
 const file = fs.readFileSync(schema, 'utf-8');
 
 export default JSON.parse(file);

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Improved metrics

Dependency count

2

decreased by-33.33%

Number of medium supply chain risk alerts

0

decreased by-100%

Worsened metrics

Total package byte prevSize

23615

decreased by-4.24%

Number of package files

10

decreased by-9.09%

Lines of code

228

decreased by-14.61%

Dependency changes

• - Removedfind-up@5.0.0

• - Removedfind-up@5.0.0(transitive)

• - Removedlocate-path@6.0.0(transitive)

• - Removedp-limit@3.1.0(transitive)

• - Removedp-locate@5.0.0(transitive)

• - Removedpath-exists@4.0.0(transitive)

• - Removedyocto-queue@0.1.0(transitive)