asciidoctor.js
Advanced tools
Comparing version 1.5.2 to 1.5.3-preview.1
{ | ||
"name": "asciidoctor.js", | ||
"version": "1.5.2", | ||
"version": "1.5.3-preview.1", | ||
"description": "A JavaScript AsciiDoc processor, cross-compiled from the Ruby-based AsciiDoc implementation, Asciidoctor, using Opal", | ||
@@ -45,3 +45,3 @@ "main": "dist/npm/asciidoctor-core.min.js", | ||
"dependencies": { | ||
"opal-npm-wrapper": "git://github.com/anthonny/opal-npm-wrapper.git#0.1.1", | ||
"opal-npm-wrapper": "^0.1.1", | ||
"xmlhttprequest": "~1.6.0" | ||
@@ -48,0 +48,0 @@ }, |
Sorry, the diff of this file is not supported yet
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
No v1
QualityPackage is not semver >=1. This means it is not stable and does not support ^ ranges.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Git dependency
Supply chain riskContains a dependency which resolves to a remote git URL. Dependencies fetched from git URLs are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.
Found 1 instance in 1 package
0
1363324
5
146
2
+ Addedopal-npm-wrapper@0.1.1(transitive)
Updatedopal-npm-wrapper@^0.1.1