ant-util - npm Package Compare versions

Comparing version 1.0.0 to 1.0.1

package.json

 {
   "name": "ant-util",
-  "version": "1.0.0",
+  "version": "1.0.1",
   "description": "ant工具组件",
-  "main": "index.js",
+  "main": "lib/index.js",
   "scripts": {
-    "test": "echo \"Error: no test specified\" && exit 1"
+    "dev": "babel src -d lib",
+    "start": "npm run dev",
+    "build": "webpack"
   },
   "author": "",
-  "license": "ISC"
+  "license": "ISC",
+  "devDependencies": {
+    "babel-cli": "^6.7.7",
+    "babel-core": "^6.7.7",
+    "babel-eslint": "^7.1.0",
+    "babel-jest": "^20.0.1",
+    "babel-loader": "^6.2.4",
+    "babel-plugin-import": "^1.1.0",
+    "babel-plugin-transform-builtin-extend": "^1.1.0",
+    "babel-plugin-transform-decorators-legacy": "^1.3.4",
+    "babel-plugin-transform-remove-strict-mode": "0.0.2",
+    "babel-plugin-transform-runtime": "^6.9.0",
+    "babel-polyfill": "^6.20.0",
+    "babel-preset-es2015": "^6.6.0",
+    "babel-preset-react": "^6.5.0",
+    "babel-preset-stage-0": "^6.5.0",
+    "babel-register": "^6.7.2",
+    "babel-runtime": "^6.11.6",
+    "eslint": "^3.19.0",
+    "eslint-config-airbnb": "^12.0.0",
+    "eslint-plugin-babel": "^3.0.0",
+    "eslint-plugin-import": "^1.6.1",
+    "eslint-plugin-jsx-a11y": "^2.0.1",
+    "eslint-plugin-markdown": "^1.0.0-beta.4",
+    "eslint-plugin-react": "^6.3.0",
+    "eslint-tinker": "^0.3.2",
+    "webpack": "^1.12.2",
+    "webpack-dev-server": "^1.11.0"
+  },
+  "dependencies": {
+    "lodash": "^3.10.1",
+    "react-kendo": "~0.13.11",
+    "underscore": "^1.8.3"
+  }
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Empty package

Supply chain risk

Package does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.

Found 1 instance in 1 package

No README

Quality

Package does not have a README. This may indicate a failed publish or a low quality package.

Found 1 instance in 1 package

No tests

Quality

Package does not have any tests. This is a strong signal of a poorly maintained or low quality package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

17861

increased by8055.71%

Number of package files

20

increased by1900%

Lines of code

406

increased byInfinity%

Number of low quality alerts

1

decreased by-50%

Number of medium quality alerts

1

decreased by-50%

Number of lines in readme file

13

increased byInfinity%

Worsened metrics

Dependency count

3

increased byInfinity%

Dev dependency count

26

increased byInfinity%

Number of low supply chain risk alerts

2

increased by100%

Number of medium supply chain risk alerts

3

increased by200%

Dependency changes

• + Addedlodash@^3.10.1

• + Addedreact-kendo@~0.13.11

• + Addedunderscore@^1.8.3

• + Addedjs-tokens@4.0.0(transitive)

• + Addedlodash@3.10.1(transitive)

• + Addedloose-envify@1.4.0(transitive)

• + Addedreact@18.3.1(transitive)

• + Addedreact-kendo@0.13.11(transitive)

• + Addedunderscore@1.13.7(transitive)