babylon - npm Package Compare versions
Comparing version 6.7.0 to 6.7.1-test.1
| { | ||
| "name": "babylon", | ||
| "version": "6.7.0", | ||
| "version": "6.7.1-test.1", | ||
| "description": "A JavaScript parser", | ||
@@ -8,13 +8,27 @@ "author": "Sebastian McKenzie <sebmck@gmail.com>", | ||
| "license": "MIT", | ||
| "repository": "https://github.com/babel/babel/tree/master/packages/babylon", | ||
| "main": "index.js", | ||
| "repository": "https://github.com/babel/babylon", | ||
| "main": "lib/index.js", | ||
| "dependencies": { | ||
| "babel-runtime": "^5.0.0" | ||
| "babel-runtime": "^6.0.0" | ||
| }, | ||
| "devDependencies": { | ||
| "babel-helper-fixtures": "^6.6.5" | ||
| "ava": "^0.12.0", | ||
| "babel-cli": "^6.0.0", | ||
| "babel-helper-fixtures": "^6.6.5", | ||
| "babel-plugin-transform-class-properties": "^6.6.0", | ||
| "babel-plugin-transform-runtime": "^6.0.0", | ||
| "babel-preset-es2015": "^6.0.0", | ||
| "babel-preset-react": "^6.0.0", | ||
| "babel-preset-stage-0": "^6.5.0", | ||
| "kcheck": "^2.0.1" | ||
| }, | ||
| "bin": { | ||
| "babylon": "./bin/babylon.js" | ||
| }, | ||
| "scripts": { | ||
| "test": "npm run build && npm run lint && ava test/", | ||
| "lint": "kcheck", | ||
| "build": "babel src --out-dir lib", | ||
| "watch": "babel src --out-dir lib --watch" | ||
| } | ||
| } | ||
| } |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
No repository
Supply chain riskPackage does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.
Found 1 instance in 1 package
No v1
QualityPackage is not semver >=1. This means it is not stable and does not support ^ ranges.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
High entropy strings
Supply chain riskContains high entropy strings. This could be a sign of encrypted data, leaked secrets or obfuscated code.
Found 1 instance in 1 package
No repository
Supply chain riskPackage does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.
Found 1 instance in 1 package
Improved metrics
- Number of package files
- increased by57.14%
11
- Number of low supply chain risk alerts
- decreased by-66.67%
2
Worsened metrics
- Total package byte prevSize
- decreased by-96.58%
7032
- Dev dependency count
- increased by800%
9
- Lines of code
- decreased by-99.77%
12
- Number of low quality alerts
- increased byInfinity%
1
Dependency changes
+ Addedbabel-runtime@6.26.0(transitive)
+ Addedcore-js@2.6.12(transitive)
+ Addedregenerator-runtime@0.11.1(transitive)
- Removedbabel-runtime@5.8.38(transitive)
- Removedcore-js@1.2.7(transitive)
Updatedbabel-runtime@^6.0.0