@rushstack/rig-package
Advanced tools
Comparing version 0.0.0 to 0.1.0
{ | ||
"license": "MIT", | ||
"name": "@rushstack/rig-package", | ||
"version": "0.0.0" | ||
"name": "@rushstack/rig-package", | ||
"version": "0.1.0", | ||
"description": "A system for sharing tool configurations between projects without duplicating config files.", | ||
"main": "lib/index.js", | ||
"typings": "dist/rig-package.d.ts", | ||
"license": "MIT", | ||
"repository": { | ||
"url": "https://github.com/microsoft/rushstack/tree/master/libraries/rig-package" | ||
}, | ||
"scripts": { | ||
"build": "heft test --clean" | ||
}, | ||
"dependencies": { | ||
"@types/node": "10.17.13", | ||
"resolve": "~1.17.0", | ||
"strip-json-comments": "~3.1.1" | ||
}, | ||
"devDependencies": { | ||
"@microsoft/rush-stack-compiler-3.5": "0.8.21", | ||
"@rushstack/eslint-config": "2.1.1", | ||
"@rushstack/heft": "0.13.9", | ||
"@types/heft-jest": "1.0.1", | ||
"@types/resolve": "1.17.1", | ||
"@types/strip-json-comments": "3.0.0", | ||
"ajv": "~6.12.5", | ||
"resolve": "~1.17.0" | ||
} | ||
} |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Empty package
Supply chain riskPackage does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.
Found 1 instance in 1 package
No README
QualityPackage does not have a README. This may indicate a failed publish or a low quality package.
Found 1 instance in 1 package
No repository
Supply chain riskPackage does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.
Found 1 instance in 1 package
50026
16
537
0
203
3
8
2
2
+ Added@types/node@10.17.13
+ Addedresolve@~1.17.0
+ Addedstrip-json-comments@~3.1.1
+ Added@types/node@10.17.13(transitive)
+ Addedpath-parse@1.0.7(transitive)
+ Addedresolve@1.17.0(transitive)
+ Addedstrip-json-comments@3.1.1(transitive)