@skills-supply/sk
Advanced tools
@skills-supply/sk - npm Package Compare versions
Sorry, the diff of this file is too big to display
+11
-6
@@ -8,3 +8,3 @@ { | ||
| "@clack/prompts": "^0.11.0", | ||
| "@skills-supply/agents-toml": "latest", | ||
| "@skills-supply/core": "*", | ||
| "commander": "^14.0.2", | ||
@@ -24,2 +24,5 @@ "consola": "^3.4.2", | ||
| }, | ||
| "exports": { | ||
| ".": "./dist/index.js" | ||
| }, | ||
| "files": [ | ||
@@ -46,5 +49,6 @@ "dist", | ||
| "scripts": { | ||
| "build": "bun run build:binary && bun run build:node", | ||
| "build:binary": "bun build ./src/cli.ts --compile --outfile ./bin/sk", | ||
| "build:node": "bun build ./src/cli.ts --outdir ./dist --target node", | ||
| "build": "bun run build:binary && bun run build:node && bun run build:core", | ||
| "build:binary": "bun build ./cli.ts --compile --outfile ./bin/sk", | ||
| "build:core": "bun build ./index.ts --outdir ./dist --target node", | ||
| "build:node": "bun build ./cli.ts --outdir ./dist --target node", | ||
| "clean": "rm -rf dist bin", | ||
@@ -55,6 +59,7 @@ "test": "vitest", | ||
| "test:unit": "vitest --exclude tests/e2e", | ||
| "tsc": "npx tsc -p tsconfig.json" | ||
| "tsc": "bun run build:core && npx tsc -p tsconfig.json" | ||
| }, | ||
| "type": "module", | ||
| "version": "0.1.8" | ||
| "types": "./index.d.ts", | ||
| "version": "0.2.2" | ||
| } |
Sorry, the diff of this file is too big to display
New alerts
Wildcard dependency
QualityPackage has a dependency with a floating version range. This can cause issues if the dependency publishes a new major version.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 2 instances in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Fixed alerts
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 3 instances in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
1727708
195.36%- Number of package files
4
33.33%- Lines of code
49534
212.1%- Number of medium supply chain risk alerts
4
-87.88%Worsened metrics
- Number of medium quality alerts
2
100%- Number of low supply chain risk alerts
42
10.53%Dependency changes
+ Added
@skills-supply/core@*- Removed
@skills-supply/agents-toml@latest- Removed
@skills-supply/agents-toml@0.1.3(transitive)- Removed
zod@4.3.6(transitive)