base - npm Package Compare versions

Comparing version 0.0.1-dev to 0.2.0

package.json

 {
 	"author": "John Le Drew <jp@antz29.com> (http://antz29.com)",
 	"name": "base",
-	"description": "A lightweight micro web framework.",
-	"keywords": ["framework", "api", "web", "mvc", "extensible", "micro"],
-	"version": "0.0.1dev",
-	"homepage": "http://base.antz29.com",
+	"description": "A lightweight micro web framework that integrates with connect.js",
+	"keywords": ["framework", "api", "web", "mvc", "extensible", "micro", "connect"],
+	"version": "0.2.0",
+	"homepage": "http://github.com/antz29/node-base",
 	"repository": {
@@ -24,9 +24,9 @@ "type": "git",
 	"dependencies": {
-		"twister" : ">=0.2.0",
-		"slicer" : ">=0.2.0"
+		"twister" : ">=0.0.1",
+		"slicer" : ">=0.0.1",
+		"configr" : ">=0.0.1",
+		"underscore" : ">=0.0.1",
+		"async" : ">=0.0.1"
 	},
-	"devDependencies": {
-		"expresso" : ">=0.9.0",
-		"linter" : ">=0.0.7"
-	}
+	"devDependencies": {}
 }

README.md

@@ -9,3 +9,3 @@ # node-base - The Base Framework for NodeJS
 
-It's a lightweight, full stack web framework for NodeJS.
+It's a lightweight, full stack web framework for NodeJS that hooks into Connect.js
 
@@ -15,2 +15,3 @@ ## Usage
 
+
 ## Rules
@@ -17,0 +18,0 @@

New alerts

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

Manifest confusion

Supply chain risk

This package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.

Found 1 instance in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

No website

Quality

Package does not have a website.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

8735

increased by382.06%

Dev dependency count

0

decreased by-100%

Number of package files

9

increased by125%

Lines of code

174

increased by625%

Number of low quality alerts

1

decreased by-50%

Number of lines in readme file

21

increased by5%

Number of medium supply chain risk alerts

1

decreased by-50%

Worsened metrics

Dependency count

5

increased by150%

Number of low supply chain risk alerts

2

increased byInfinity%

Dependency changes

• + Addedasync@>=0.0.1

• + Addedconfigr@>=0.0.1

• + Addedunderscore@>=0.0.1

• + Addedasync@3.2.6(transitive)

• + Addedunderscore@1.13.7(transitive)

• Updatedslicer@>=0.0.1

• Updatedtwister@>=0.0.1