@toruslabs/eccrypto
Advanced tools
@toruslabs/eccrypto - npm Package Compare versions
Comparing version 1.1.8 to 2.0.0
| { | ||
| "name": "@toruslabs/eccrypto", | ||
| "version": "1.1.8", | ||
| "version": "2.0.0", | ||
| "description": "JavaScript Elliptic curve cryptography library, includes fix to browser.js so that encrypt/decrypt works", | ||
| "main": "index.js", | ||
| "main": "browser.js", | ||
| "browser": "browser.js", | ||
| "types": "types.d.ts", | ||
| "scripts": { | ||
| "install": "node-gyp rebuild || exit 0", | ||
| "test": "ECCRYPTO_NO_FALLBACK=1 mocha && xvfb-run -a karma start && jshint .", | ||
@@ -41,23 +40,17 @@ "m": "mocha", | ||
| "browserify": "^17.0.0", | ||
| "buffer-equal": "^1.0.0", | ||
| "chai": "^4.3.4", | ||
| "jshint": "^2.13.0", | ||
| "karma": "^6.3.4", | ||
| "karma-browserify": "^8.0.0", | ||
| "karma-chrome-launcher": "^3.1.0", | ||
| "buffer-equal": "^1.0.1", | ||
| "chai": "^4.3.7", | ||
| "jshint": "^2.13.6", | ||
| "karma": "^6.4.1", | ||
| "karma-browserify": "^8.1.0", | ||
| "karma-chrome-launcher": "^3.1.1", | ||
| "karma-cli": "^2.0.0", | ||
| "karma-firefox-launcher": "^2.1.1", | ||
| "karma-firefox-launcher": "^2.1.2", | ||
| "karma-mocha": "^2.0.1", | ||
| "karma-mocha-reporter": "^2.2.5", | ||
| "mocha": "^9.0.2" | ||
| "mocha": "^10.2.0" | ||
| }, | ||
| "dependencies": { | ||
| "acorn": "^8.4.1", | ||
| "elliptic": "^6.5.4", | ||
| "es6-promise": "^4.2.8", | ||
| "nan": "^2.14.2" | ||
| }, | ||
| "optionalDependencies": { | ||
| "secp256k1": "^3.8.0" | ||
| "elliptic": "^6.5.4" | ||
| } | ||
| } |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Native code
Supply chain riskContains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Improved metrics
- Dependency count
- decreased by-80%
1
- Number of low supply chain risk alerts
- decreased by-100%
0
- Number of medium supply chain risk alerts
- decreased by-100%
0
Worsened metrics
- Total package byte prevSize
- decreased by-29.26%
35936
- Number of package files
- decreased by-33.33%
6
- Lines of code
- decreased by-30.15%
549
Dependency changes
- Removedacorn@^8.4.1
- Removedes6-promise@^4.2.8
- Removednan@^2.14.2
- Removedacorn@8.14.0(transitive)
- Removedbindings@1.5.0(transitive)
- Removedbip66@1.1.5(transitive)
- Removedbrowserify-aes@1.2.0(transitive)
- Removedbuffer-xor@1.0.3(transitive)
- Removedcipher-base@1.0.4(transitive)
- Removedcreate-hash@1.2.0(transitive)
- Removedcreate-hmac@1.1.7(transitive)
- Removeddrbg.js@1.0.1(transitive)
- Removedes6-promise@4.2.8(transitive)
- Removedevp_bytestokey@1.0.3(transitive)
- Removedfile-uri-to-path@1.0.0(transitive)
- Removedhash-base@3.1.0(transitive)
- Removedmd5.js@1.3.5(transitive)
- Removednan@2.22.0(transitive)
- Removedreadable-stream@3.6.2(transitive)
- Removedripemd160@2.0.2(transitive)
- Removedsafe-buffer@5.2.1(transitive)
- Removedsecp256k1@3.8.1(transitive)
- Removedsha.js@2.4.11(transitive)
- Removedstring_decoder@1.3.0(transitive)
- Removedutil-deprecate@1.0.2(transitive)