Comparing version 6.7.0 to 6.7.1-test.1
{ | ||
"name": "babylon", | ||
"version": "6.7.0", | ||
"version": "6.7.1-test.1", | ||
"description": "A JavaScript parser", | ||
@@ -8,13 +8,27 @@ "author": "Sebastian McKenzie <sebmck@gmail.com>", | ||
"license": "MIT", | ||
"repository": "https://github.com/babel/babel/tree/master/packages/babylon", | ||
"main": "index.js", | ||
"repository": "https://github.com/babel/babylon", | ||
"main": "lib/index.js", | ||
"dependencies": { | ||
"babel-runtime": "^5.0.0" | ||
"babel-runtime": "^6.0.0" | ||
}, | ||
"devDependencies": { | ||
"babel-helper-fixtures": "^6.6.5" | ||
"ava": "^0.12.0", | ||
"babel-cli": "^6.0.0", | ||
"babel-helper-fixtures": "^6.6.5", | ||
"babel-plugin-transform-class-properties": "^6.6.0", | ||
"babel-plugin-transform-runtime": "^6.0.0", | ||
"babel-preset-es2015": "^6.0.0", | ||
"babel-preset-react": "^6.0.0", | ||
"babel-preset-stage-0": "^6.5.0", | ||
"kcheck": "^2.0.1" | ||
}, | ||
"bin": { | ||
"babylon": "./bin/babylon.js" | ||
}, | ||
"scripts": { | ||
"test": "npm run build && npm run lint && ava test/", | ||
"lint": "kcheck", | ||
"build": "babel src --out-dir lib", | ||
"watch": "babel src --out-dir lib --watch" | ||
} | ||
} | ||
} |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
No repository
Supply chain riskPackage does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.
Found 1 instance in 1 package
No v1
QualityPackage is not semver >=1. This means it is not stable and does not support ^ ranges.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
High entropy strings
Supply chain riskContains high entropy strings. This could be a sign of encrypted data, leaked secrets or obfuscated code.
Found 1 instance in 1 package
No repository
Supply chain riskPackage does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.
Found 1 instance in 1 package
11
2
7032
9
12
1
+ Addedbabel-runtime@6.26.0(transitive)
+ Addedcore-js@2.6.12(transitive)
+ Addedregenerator-runtime@0.11.1(transitive)
- Removedbabel-runtime@5.8.38(transitive)
- Removedcore-js@1.2.7(transitive)
Updatedbabel-runtime@^6.0.0