@sa11y/preset-rules - npm Package Compare versions

Comparing version 4.0.0-alpha.0 to 4.0.0-alpha.7

package.json

 {
     "name": "@sa11y/preset-rules",
-    "version": "4.0.0-alpha.0",
+    "version": "4.0.0-alpha.7",
     "description": "Accessibility preset rule configs for axe",
-    "license": "BSD-3-Clause",
+    "keywords": [
+        "accessibility",
+        "automated testing",
+        "axe"
+    ],
     "homepage": "https://github.com/salesforce/sa11y/tree/master/packages/preset-rules#readme",
@@ -12,7 +16,3 @@ "repository": {
     },
-    "keywords": [
-        "accessibility",
-        "automated testing",
-        "axe"
-    ],
+    "license": "BSD-3-Clause",
     "main": "dist/index.js",
@@ -25,3 +25,3 @@ "types": "dist/index.d.ts",
     "dependencies": {
-        "@sa11y/common": "4.0.0-alpha.0"
+        "@sa11y/common": "4.0.0-alpha.7"
     },
@@ -33,6 +33,9 @@ "devDependencies": {
     },
+    "engines": {
+        "node": "^14 || ^16"
+    },
     "publishConfig": {
         "access": "public"
     },
-    "gitHead": "aeb87b6b27bfd56cf9f3de201456dd821e57b408"
+    "gitHead": "5c00ae3a55dad3cf000ed7aefa32251ce71b2a9a"
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Empty package

Supply chain risk

Package does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 2 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Improved metrics

Number of low supply chain risk alerts

0

decreased by-100%

Worsened metrics

Total package byte prevSize

37546

decreased by-43.2%

Number of package files

3

decreased by-88.89%

Lines of code

0

decreased by-100%

Number of medium supply chain risk alerts

3

increased by200%

Dependency changes

• + Added@sa11y/common@4.0.0-alpha.7(transitive)

• - Removed@sa11y/common@4.0.0-alpha.0(transitive)

• Updated@sa11y/common@4.0.0-alpha.7