bemhtml-syntax - npm Package Compare versions

Comparing version 0.0.23 to 0.0.24

package.json

 {
   "name": "bemhtml-syntax",
-  "version": "0.0.23",
+  "version": "0.0.24",
   "description": "BEMHTML syntax converter",
@@ -28,3 +28,3 @@ "main": "lib/syntax.js",
     "bemhtml-compat": "",
-    "krasota": "https://github.com/vkz/krasota.js.git#current",
+    "krasota": "",
 
@@ -37,6 +37,6 @@ "bh": "2.2.0",
     "xjst": "0.4.21",
+    "escodegen": "1.6.1",
     "q": ""
   },
   "devDependencies": {
-    "escodegen": "1.6.1",
     "mocha": "2.2.4",
@@ -43,0 +43,0 @@ "ze-helpers": ""

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Wildcard dependency

Quality

Package has a dependency with a floating version range. This can cause issues if the dependency publishes a new major version.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

HTTP dependency

Supply chain risk

Contains a dependency which resolves to a remote HTTP URL which could be used to inject untrusted code and reduce overall package reliability.

Found 1 instance in 1 package

Manifest confusion

Supply chain risk

This package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.

Found 1 instance in 1 package

Improved metrics

Dev dependency count

2

decreased by-33.33%

Number of high supply chain risk alerts

0

decreased by-100%

Number of medium supply chain risk alerts

4

decreased by-20%

Worsened metrics

Total package byte prevSize

2460396

Dependency count

14

increased by7.69%

Number of medium quality alerts

4

increased by33.33%

Dependency changes

• + Addedescodegen@1.6.1

• + Addeddeep-is@0.1.4(transitive)

• + Addedescodegen@1.6.1(transitive)

• + Addedestraverse@1.9.3(transitive)

• + Addedesutils@1.1.6(transitive)

• + Addedevent-queue@0.2.0(transitive)

• + Addedeyes@0.1.8(transitive)

• + Addedfast-levenshtein@1.0.7(transitive)

• + Addedignore@2.2.8(transitive)

• + Addedkrasota@0.2.2(transitive)

• + Addedlevn@0.2.5(transitive)

• + Addedoptionator@0.5.0(transitive)

• + Addedprelude-ls@1.1.2(transitive)

• + Addedq@0.7.2(transitive)

• + Addedtype-check@0.3.2(transitive)

• Updatedkrasota@