argon2 - npm Package Compare versions

Comparing version 0.31.2 to 0.40.0-alpha.1

package.json

 {
   "name": "argon2",
-  "version": "0.31.2",
+  "version": "0.40.0-alpha.1",
   "description": "An Argon2 library for Node",
-  "main": "argon2.js",
+  "keywords": [
+    "argon2",
+    "crypto",
+    "encryption",
+    "hashing",
+    "password"
+  ],
+  "homepage": "https://github.com/ranisalt/node-argon2#readme",
+  "bugs": {
+    "url": "https://github.com/ranisalt/node-argon2/issues"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/ranisalt/node-argon2.git"
+  },
+  "license": "MIT",
+  "author": "Ranieri Althoff <ranisalt+argon2@gmail.com>",
+  "type": "module",
+  "main": "argon2.mjs",
+  "types": "argon2.d.ts",
   "files": [
     "argon2_node.cpp",
     "argon2.d.ts",
+    "argon2.d.ts.map",
     "binding.gyp",
@@ -22,60 +42,33 @@ "argon2/CHANGELOG.md",
     "argon2/src/thread.c",
-    "argon2/src/thread.h"
+    "argon2/src/thread.h",
+    "prebuilds/**/*.node"
   ],
-  "types": "argon2.d.ts",
+  "binary": {
+    "napi_versions": [
+      8
+    ]
+  },
   "scripts": {
-    "install": "node-pre-gyp install --fallback-to-build",
-    "format": "prettier --write \"**/*.{js,json,ts}\"",
-    "test": "c8 mocha --timeout 5000 test/test.js",
-    "test:ts": "tsc -p . && node test/test-d.js"
+    "build": "prebuildify --napi --strip --tag-armv --tag-libc",
+    "format": "prettier --write \"*.{json,mjs}\"",
+    "install": "node-gyp-build",
+    "prepack": "yarn prepare",
+    "prepare": "tsc",
+    "test": "node --test test.mjs"
   },
-  "repository": {
-    "type": "git",
-    "url": "https://github.com/ranisalt/node-argon2.git"
-  },
-  "keywords": [
-    "argon2",
-    "crypto",
-    "encryption",
-    "hashing",
-    "password"
-  ],
-  "author": "Ranieri Althoff <ranisalt+argon2@gmail.com>",
-  "license": "MIT",
-  "bugs": {
-    "url": "https://github.com/ranisalt/node-argon2/issues"
-  },
-  "homepage": "https://github.com/ranisalt/node-argon2#readme",
   "dependencies": {
-    "@mapbox/node-pre-gyp": "^1.0.11",
     "@phc/format": "^1.0.0",
-    "node-addon-api": "^7.0.0"
+    "node-addon-api": "^7.0.0",
+    "node-gyp-build": "^4.7.1"
   },
   "devDependencies": {
-    "@types/node": "^20.8.10",
-    "c8": "^8.0.1",
-    "mocha": "^10.2.0",
+    "@types/node": "^20.10.5",
     "node-gyp": "^10.0.1",
-    "prettier": "^3.0.0",
-    "typescript": "^5.1.6"
+    "prebuildify": "^5.0.1",
+    "prettier": "^3.1.1",
+    "typescript": "^5.3.3"
   },
-  "binary": {
-    "module_name": "argon2",
-    "module_path": "./lib/binding/napi-v{napi_build_version}",
-    "host": "https://github.com/ranisalt/node-argon2/releases/download/",
-    "remote_path": "v{version}",
-    "package_name": "{module_name}-v{version}-napi-v{napi_build_version}-{platform}-{arch}-{libc}.tar.gz",
-    "napi_versions": [
-      3
-    ]
-  },
   "engines": {
-    "node": ">=14.0.0"
+    "node": ">=16.17.0"
   },
-  "standard": {
-    "env": "mocha",
-    "ignore": [
-      "test/test-d.js"
-    ]
-  },
   "collective": {
@@ -82,0 +75,0 @@ "type": "opencollective",

README.md

@@ -6,4 +6,2 @@ # node-argon2
 [![NPM package][npm-image]][npm-url]
-[![Coverage status][coverage-image]][coverage-url]
-[![Code Quality][codequality-image]][codequality-url]
 
@@ -72,4 +70,4 @@ Bindings to the reference [Argon2](https://github.com/P-H-C/phc-winner-argon2)
 - Windows Server 2019 (x86-64)
-- Alpine Linux 3.13 (x86-64 from v0.28.1; ARM64 from v0.28.2)
-- FreeBSD 13.1 (x86-64 from v0.29.1)
+- Alpine Linux 3.18 (x86-64 from v0.28.1; ARM64 from v0.28.2)
+- FreeBSD 14 (x86-64 from v0.29.1)
 
@@ -91,3 +89,3 @@ Binaries should also work for any version more recent than the ones listed
 
-**node-argon2** works only and is tested against Node >=14.0.0.
+**node-argon2** works only and is tested against Node >=18.0.0.
 
@@ -155,3 +153,3 @@ ### OSX
   </summary>
-  
+
   This seems to be an issue related to snap (see [#345 (comment)](https://github.com/ranisalt/node-argon2/issues/345#issuecomment-1164178674)). Installing Node with another package manager, such as [asdf](https://asdf-vm.com/) or [nvm](https://github.com/nvm-sh/nvm), is a possible workaround.
@@ -219,5 +217,1 @@ </details>
 [actions-url]: https://github.com/ranisalt/node-argon2/actions
-[coverage-image]: https://img.shields.io/codacy/coverage/3aa6daee00154e1492660ecb2f788f73/master.svg?style=flat-square
-[coverage-url]: https://app.codacy.com/gh/ranisalt/node-argon2
-[codequality-image]: https://img.shields.io/codacy/grade/3aa6daee00154e1492660ecb2f788f73/master.svg?style=flat-square
-[codequality-url]: https://app.codacy.com/gh/ranisalt/node-argon2

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Install scripts

Supply chain risk

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

885390

increased by381.25%

Dev dependency count

5

decreased by-16.67%

Number of package files

31

increased by29.17%

Number of high supply chain risk alerts

0

decreased by-100%

Number of low supply chain risk alerts

0

decreased by-100%

Is type module

Yes

Worsened metrics

Lines of code

144

decreased by-1.37%

Number of lines in readme file

213

decreased by-2.74%

Number of medium supply chain risk alerts

2

increased by100%

Dependency changes

• + Addednode-gyp-build@^4.7.1

• + Addednode-gyp-build@4.8.2(transitive)

• - Removed@mapbox/node-pre-gyp@^1.0.11

• - Removed@mapbox/node-pre-gyp@1.0.11(transitive)

• - Removedabbrev@1.1.1(transitive)

• - Removedagent-base@6.0.2(transitive)

• - Removedansi-regex@5.0.1(transitive)

• - Removedaproba@2.0.0(transitive)

• - Removedare-we-there-yet@2.0.0(transitive)

• - Removedbalanced-match@1.0.2(transitive)

• - Removedbrace-expansion@1.1.11(transitive)

• - Removedchownr@2.0.0(transitive)

• - Removedcolor-support@1.1.3(transitive)

• - Removedconcat-map@0.0.1(transitive)

• - Removedconsole-control-strings@1.1.0(transitive)

• - Removeddebug@4.3.7(transitive)

• - Removeddelegates@1.0.0(transitive)

• - Removeddetect-libc@2.0.3(transitive)

• - Removedemoji-regex@8.0.0(transitive)

• - Removedfs-minipass@2.1.0(transitive)

• - Removedfs.realpath@1.0.0(transitive)

• - Removedgauge@3.0.2(transitive)

• - Removedglob@7.2.3(transitive)

• - Removedhas-unicode@2.0.1(transitive)

• - Removedhttps-proxy-agent@5.0.1(transitive)

• - Removedinflight@1.0.6(transitive)

• - Removedinherits@2.0.4(transitive)

• - Removedis-fullwidth-code-point@3.0.0(transitive)

• - Removedmake-dir@3.1.0(transitive)

• - Removedminimatch@3.1.2(transitive)

• - Removedminipass@3.3.65.0.0(transitive)

• - Removedminizlib@2.1.2(transitive)

• - Removedmkdirp@1.0.4(transitive)

• - Removedms@2.1.3(transitive)

• - Removednode-fetch@2.7.0(transitive)

• - Removednopt@5.0.0(transitive)

• - Removednpmlog@5.0.1(transitive)

• - Removedobject-assign@4.1.1(transitive)

• - Removedonce@1.4.0(transitive)

• - Removedpath-is-absolute@1.0.1(transitive)

• - Removedreadable-stream@3.6.2(transitive)

• - Removedrimraf@3.0.2(transitive)

• - Removedsafe-buffer@5.2.1(transitive)

• - Removedsemver@6.3.17.6.3(transitive)

• - Removedset-blocking@2.0.0(transitive)

• - Removedsignal-exit@3.0.7(transitive)

• - Removedstring-width@4.2.3(transitive)

• - Removedstring_decoder@1.3.0(transitive)

• - Removedstrip-ansi@6.0.1(transitive)

• - Removedtar@6.2.1(transitive)

• - Removedtr46@0.0.3(transitive)

• - Removedutil-deprecate@1.0.2(transitive)

• - Removedwebidl-conversions@3.0.1(transitive)

• - Removedwhatwg-url@5.0.0(transitive)

• - Removedwide-align@1.1.5(transitive)

• - Removedwrappy@1.0.2(transitive)

• - Removedyallist@4.0.0(transitive)