array-collector - npm Package Compare versions

Comparing version 1.0.1 to 2.0.0

package.json

 {
   "name": "array-collector",
-  "version": "1.0.1",
-  "description": "A library to perform operations on large arrays of objects.",
-  "keywords": [
-    "array",
-    "object",
-    "merger"
-  ],
-  "main": "lib/array-collector.js",
+  "version": "2.0.0",
+  "description": "",
+  "main": "index.js",
   "scripts": {
-    "test": "./node_modules/.bin/mocha spec"
+    "test": "echo \"Error: no test specified\" && exit 1"
   },
-  "author": "Daniele Piccone",
-  "license": "MIT",
-  "devDependencies": {
-    "mocha": "2.4.5",
-    "sinon": "1.17.4",
-    "unexpected": "10.13.3"
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/npm/deprecate-holder.git"
   },
-  "dependencies": {}
+  "author": "",
+  "license": "ISC",
+  "bugs": {
+    "url": "https://github.com/npm/deprecate-holder/issues"
+  },
+  "homepage": "https://github.com/npm/deprecate-holder#readme"
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Empty package

Supply chain risk

Package does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

No contributors or author data

Maintenance

Package does not specify a list of contributors or an author in package.json.

Found 1 instance in 1 package

No tests

Quality

Package does not have any tests. This is a strong signal of a poorly maintained or low quality package.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

No bug tracker

Maintenance

Package does not have a linked bug tracker in package.json.

Found 1 instance in 1 package

No repository

Supply chain risk

Package does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.

Found 1 instance in 1 package

No website

Quality

Package does not have a website.

Found 1 instance in 1 package

Improved metrics

Dev dependency count

0

decreased by-100%

Number of lines in readme file

6

increased by100%

Number of low supply chain risk alerts

0

decreased by-100%

Worsened metrics

Total package byte prevSize

677

decreased by-94.29%

Number of package files

2

decreased by-60%

Lines of code

0

decreased by-100%

Number of medium supply chain risk alerts

3

increased byInfinity%

No dependency changes