@sproutsocial/seeds-utils - npm Package Compare versions

Comparing version 0.1.4 to 0.1.5

package.json

 {
   "name": "@sproutsocial/seeds-utils",
-  "version": "0.1.4",
+  "version": "0.1.5",
   "description": "SEEDS shared utility functions for generating tokens and documentation.",
@@ -5,0 +5,0 @@ "main": "dist/seeds-typography.js",

versions.js

 const globby = require('globby');
 
-const packages = globby.sync([process.cwd() + '/packages/seeds-*/package.json']);
+const packages = globby.sync([process.cwd() + '/packages/seeds-*/package.json', process.cwd() + '/package.json']);
 const versions = {};
@@ -8,5 +8,8 @@
   const packageJson = require(packageJsonPath);
-  versions[packageJson.name.replace('@sproutsocial/', '')] = packageJson.version;
+  versions[packageJson.name.replace('@sproutsocial/', '')] = {
+    version: packageJson.version,
+    stability: packageJson.stability
+  };
 });
 
 module.exports = versions;

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

11892

increased by14.28%

Number of package files

20

increased by5.26%

Lines of code

352

increased by15.79%

Number of medium supply chain risk alerts

0

decreased by-100%

Worsened metrics

Number of low supply chain risk alerts

2

increased by100%

No dependency changes