babel-plugin-object-source - npm Package Compare versions

Comparing version 1.0.2 to 1.0.3

package.json

 {
   "name": "babel-plugin-object-source",
-  "version": "1.0.2",
+  "version": "1.0.3",
   "main": "index.js",
@@ -30,4 +30,5 @@ "description":
     "babel-core": "^6.26.0",
+    "@babel/core": "7.0.0-beta.47",
     "jest": "^22.0.3"
   }
 }

README.md

@@ -68,1 +68,12 @@ ## babel-plugin-object-source
 ```
+
+### Package testing
+
+Since plugin should work properly with `babel-core@^6.26.0` and `babel core@^7.0.0` versions, it should be included in integration tests.
+Hovewer, `npm` does not support existence of different versions of same package in `dependencies` or `devDependencies`.
+
+Unfontunely, there is no smart workaround for this: see [here](https://github.com/npm/npm/issues/5499#issuecomment-129481232)
+and [here](https://stackoverflow.com/questions/43770328/) for more details.
+
+That's why repository introduces fake `babelcore6-1.0.0.tgz` and `babelcore7-1.0.0.tgz` local packages.
+They does not include nothing, execpt dependency for `babel-core@^6.26.0` and `babel core@^7.0.0` packages respectively.

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Improved metrics

Number of lines in readme file

79

increased by16.18%

Number of low supply chain risk alerts

0

decreased by-100%

Worsened metrics

Total package byte prevSize

9342

decreased by-60.91%

Dev dependency count

3

increased by50%

Number of package files

3

decreased by-50%

Lines of code

118

decreased by-47.32%

No dependency changes