any-promise - npm Package Compare versions

Comparing version 0.2.0 to 1.0.0

package.json

 {
   "name": "any-promise",
-  "version": "0.2.0",
+  "version": "1.0.0",
   "description": "Resolve any installed ES6 compatible promise",
@@ -5,0 +5,0 @@ "main": "index.js",

README.md

@@ -39,3 +39,3 @@ ## Any Promise
 # Install any libraries you would like to use depending on any-promise
-$ npm install fs-promise
+$ npm install mz
 # Remove potentially duplicated `any-promise` packages
@@ -42,0 +42,0 @@ $ npm dedupe

register.js

@@ -13,13 +13,12 @@ "use strict"
  * 1. Previous registration
- * 2. Implementation specified by PROMISE_IMPL
- * 3. global.Promise if node.js version >= 0.12
- * 4. Auto detected promise based on first sucessful require of
+ * 2. global.Promise if node.js version >= 0.12
+ * 3. Auto detected promise based on first sucessful require of
  *    known promise libraries. Note this is a last resort, as the
  *    loaded library is non-deterministic. node.js >= 0.12 will
  *    always use global.Promise over this priority list.
- * 5. Throws error.
+ * 4. Throws error.
  */
 module.exports = register
 function register(implementation){
-  implementation = implementation || process.env.PROMISE_IMPL || null
+  implementation = implementation || null
 
@@ -26,0 +25,0 @@ if(registered !== null

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Improved metrics

Number of low quality alerts

0

decreased by-100%

Number of low supply chain risk alerts

1

decreased by-50%

Number of medium supply chain risk alerts

0

decreased by-100%

Worsened metrics

Total package byte prevSize

11503

decreased by-0.72%

Lines of code

143

decreased by-0.69%

No dependency changes