accord - npm Package Compare versions
Comparing version 0.27.0 to 0.27.1
| { | ||
| "name": "accord", | ||
| "description": "A unified interface for compiled languages and templates in JavaScript", | ||
| "version": "0.27.0", | ||
| "version": "0.27.1", | ||
| "author": "Jeff Escalante", | ||
@@ -36,5 +36,5 @@ "bugs": "https://github.com/jescalan/accord", | ||
| "coffee-script": "^1.12.5", | ||
| "coveralls": "^2.13.0", | ||
| "coveralls": "^2.13.1", | ||
| "css-parse": "^2.0.0", | ||
| "csso": "^3.1.0", | ||
| "csso": "^3.1.1", | ||
| "dogescript": "^2.3.0", | ||
@@ -45,3 +45,3 @@ "dot": "^1.1.1", | ||
| "hamljs": "^0.6.2", | ||
| "handlebars": "^4.0.6", | ||
| "handlebars": "^4.0.8", | ||
| "he": "^1.1.1", | ||
@@ -63,3 +63,3 @@ "hogan.js": "^3.0.2", | ||
| "postcss-simple-vars": "^3.1.0", | ||
| "pug": "^2.0.0-beta11", | ||
| "pug": "^2.0.0-rc.1", | ||
| "react-tools": "^0.13.3", | ||
@@ -66,0 +66,0 @@ "stylus": "^0.54.5", |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Empty package
Supply chain riskPackage does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by76.05%
102763
- Lines of code
- increased byInfinity%
2596
Worsened metrics
- Number of low supply chain risk alerts
- increased byInfinity%
22