@toptal/davinci-cli-shared - npm Package Compare versions

Comparing version 2.3.5 to 2.3.6-alpha-FX-NULL-update-dependency-40bf86a2.3

package.json

 {
   "name": "@toptal/davinci-cli-shared",
-  "version": "2.3.5",
+  "version": "2.3.6-alpha-FX-NULL-update-dependency-40bf86a2.3+40bf86a2",
   "description": "Shared CLI code and CLI engine for davinci",
@@ -26,4 +26,6 @@ "publishConfig": {
     "chalk": "^4.1.2",
+    "commander": "^10.0.0",
     "execa": "^5.1.1",
     "find-yarn-workspace-root": "^2.0.0",
+    "gradient-string": "^2.0.0",
     "inquirer": "^8.2.4",
@@ -33,12 +35,11 @@ "isomorphic-git": "^1.24.5",
     "lodash": "^4.17.21",
+    "ora": "^5.4.1",
     "proper-lockfile": "^4.1.2",
     "read-pkg-up": "7.0.1",
-    "semver": "^7.5.3",
-    "commander": "^10.0.0",
-    "gradient-string": "^2.0.0",
-    "ora": "^5.4.1"
+    "semver": "^7.5.3"
   },
   "devDependencies": {
     "@jest/globals": "^29.4.2"
-  }
+  },
+  "gitHead": "40bf86a291da148af53a4aad87100760b60dd3d1"
 }

New alerts

Manifest confusion

Supply chain risk

This package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

52526

increased by0.21%

Worsened metrics

Number of low quality alerts

2

increased by100%

Number of medium supply chain risk alerts

2

increased by100%

No dependency changes