ballet - npm Package Compare versions

Comparing version 0.0.0 to 0.0.1-security

package.json

 {
   "name": "ballet",
-  "version": "0.0.0",
-  "description": "Browser client for Uzo",
+  "version": "0.0.1-security",
+  "description": "",
   "main": "index.js",
   "scripts": {
-    "test": "fox -b"
+    "test": "echo \"Error: no test specified\" && exit 1"
   },
   "repository": {
     "type": "git",
-    "url": "git@github.com:azer/uzo.git"
+    "url": "git+https://github.com/npm/security-holder.git"
   },
-  "keywords": [
-    "realtime",
-    "transportation",
-    "io"
-  ],
-  "author": "Azer Koculu <azer@kodfabrik.com>",
-  "license": "BSD",
-  "dependencies": {
-    "pubsub": "0.0.5"
-  }
+  "keywords": [],
+  "author": "",
+  "license": "ISC",
+  "bugs": {
+    "url": "https://github.com/npm/security-holder/issues"
+  },
+  "homepage": "https://github.com/npm/security-holder#readme"
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Known malware

Supply chain risk

This package is malware. We have asked the package registry to remove it.

Found 1 instance in 1 package

Empty package

Supply chain risk

Package does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

No contributors or author data

Maintenance

Package does not specify a list of contributors or an author in package.json.

Found 1 instance in 1 package

No tests

Quality

Package does not have any tests. This is a strong signal of a poorly maintained or low quality package.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Misc. License Issues

License

(Experimental) A package's licensing information has fine-grained problems.

Found 1 instance in 1 package

No README

Quality

Package does not have a README. This may indicate a failed publish or a low quality package.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

No bug tracker

Maintenance

Package does not have a linked bug tracker in package.json.

Found 1 instance in 1 package

No website

Quality

Package does not have a website.

Found 1 instance in 1 package

Improved metrics

Dependency count

0

decreased by-100%

Number of medium license alerts

0

decreased by-100%

Number of medium quality alerts

1

decreased by-50%

Number of lines in readme file

10

increased byInfinity%

Number of low supply chain risk alerts

0

decreased by-100%

Worsened metrics

Total package byte prevSize

799

decreased by-91.19%

Number of package files

2

decreased by-81.82%

Lines of code

0

decreased by-100%

Number of critical supply chain risk alerts

1

increased byInfinity%

Number of medium supply chain risk alerts

2

increased byInfinity%

Dependency changes

• - Removedpubsub@0.0.5

• - Removedpubsub@0.0.5(transitive)