bamboo - npm Package Compare versions

Comparing version 0.0.1-pre0 to 0.0.1-pre1

package.json

 {
   "name": "bamboo",
-  "version": "0.0.1-pre0",
-  "description": "web app framework",
-  "main": "index.js",
-  "scripts": {
-    "test": "echo \"Error: no test specified\" && exit 1"
-  },
+  "version": "0.0.1-pre1",
   "author": "Roman Shtylman <shtylman@gmail.com>",
-  "license": "MIT",
   "dependencies": {
-    "inherits": "1.0.0",
-    "dombie": "0.0.1"
+    "inherits": "2.0.0",
+    "superagent": "shtylman/superagent#0.15.4-dz0"
   }
 }

New alerts

GitHub dependency

Supply chain risk

Contains a dependency which resolves to a GitHub URL. Dependencies fetched from GitHub specifiers are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

No README

Quality

Package does not have a README. This may indicate a failed publish or a low quality package.

Found 1 instance in 1 package

Fixed alerts

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

No tests

Quality

Package does not have any tests. This is a strong signal of a poorly maintained or low quality package.

Found 1 instance in 1 package

Improved metrics

Number of low quality alerts

2

decreased by-33.33%

Number of medium supply chain risk alerts

1

decreased by-50%

Worsened metrics

Total package byte prevSize

4802

decreased by-57.27%

Number of package files

6

decreased by-57.14%

Lines of code

156

decreased by-56.55%

Number of medium quality alerts

2

increased by100%

Number of lines in readme file

0

decreased by-100%

Number of high supply chain risk alerts

1

increased byInfinity%

Dependency changes

• + Addedsuperagent@shtylman/superagent#0.15.4-dz0

• + Addedinherits@2.0.0(transitive)

• - Removeddombie@0.0.1

• - Removeddombie@0.0.1(transitive)

• - Removedinherits@1.0.0(transitive)

• Updatedinherits@2.0.0