better-npm-audit - npm Package Compare versions

Comparing version 3.8.2 to 3.8.3

package.json

 {
-  "name": "better-npm-audit",
-  "version": "3.8.2",
-  "author": "Jee Mok <jee.ict@hotmail.com>",
-  "description": "Reshape into a better npm audit for the community and encourage more people to include security audit into their process.",
-  "license": "MIT",
-  "main": "index.js",
-  "bin": {
-    "better-npm-audit": "./index.js"
-  },
-  "repository": {
-    "type": "git",
-    "url": "https://github.com/jeemok/better-npm-audit"
-  },
-  "engines": {
-    "node": ">= 8.12"
-  },
-  "scripts": {
-    "preaudit": "npm run build",
-    "audit": "node lib audit -x 1064843,1067245",
-    "test": "mocha -r ts-node/register test/**/*.test.ts",
-    "lint": "eslint .",
-    "qc": "npm run test && npm run lint",
-    "clean": "rimraf lib",
-    "prebuild": "npm run qc && npm run clean",
-    "build": "tsc",
-    "postbuild": "cp README.md lib && chmod +x ./lib/index.js",
-    "publish:live": "npm run build && npm publish lib --tag latest",
-    "publish:next": "npm run build && npm publish lib --tag next"
-  },
-  "dependencies": {
-    "commander": "^8.0.0",
-    "dayjs": "^1.10.6",
-    "lodash.get": "^4.4.2",
-    "semver": "^7.6.3",
-    "table": "^6.7.1"
-  },
-  "devDependencies": {
-    "@types/chai": "^4.2.19",
-    "@types/lodash.get": "^4.4.6",
-    "@types/mocha": "^8.2.3",
-    "@types/node": "^16.0.0",
-    "@types/semver": "^7.5.8",
-    "@types/sinon": "^10.0.2",
-    "@typescript-eslint/eslint-plugin": "^4.28.2",
-    "@typescript-eslint/parser": "^4.28.2",
-    "chai": "^4.3.0",
-    "eslint": "^7.25.0",
-    "eslint-config-google": "^0.14.0",
-    "eslint-config-prettier": "^8.3.0",
-    "eslint-plugin-prettier": "^3.4.0",
-    "mocha": "^10.7.3",
-    "prettier": "2.3.2",
-    "rimraf": "^3.0.2",
-    "sinon": "^9.2.4",
-    "ts-node": "^10.0.0",
-    "typescript": "^4.3.5"
-  },
-  "keywords": [
-    "npm",
-    "audit",
-    "skip",
-    "ignore",
-    "exclude",
-    "exceptions",
-    "node",
-    "security",
-    "advisory",
-    "vulnerabilities",
-    "continuous integration",
-    "dependencies",
-    "check",
-    "build",
-    "script",
-    "nsp",
-    "ci"
-  ]
+    "name": "better-npm-audit",
+    "version": "3.8.3",
+    "author": "Jee Mok <jee.ict@hotmail.com>",
+    "description": "Reshape into a better npm audit for the community and encourage more people to include security audit into their process.",
+    "license": "MIT",
+    "main": "index.js",
+    "bin": {
+        "better-npm-audit": "index.js"
+    },
+    "repository": {
+        "type": "git",
+        "url": "https://github.com/jeemok/better-npm-audit"
+    },
+    "engines": {
+        "node": ">= 8.12"
+    },
+    "scripts": {
+        "preaudit": "npm run build",
+        "audit": "node lib audit -x 1064843,1067245",
+        "test": "mocha -r ts-node/register test/**/*.test.ts",
+        "lint": "eslint .",
+        "qc": "npm run test && npm run lint",
+        "clean": "rimraf lib",
+        "prebuild": "npm run qc && npm run clean",
+        "build": "tsc",
+        "postbuild": "cp README.md lib && chmod +x ./lib/index.js",
+        "publish:live": "npm run build && npm publish ./lib --tag latest",
+        "publish:next": "npm run build && npm publish ./lib --tag next"
+    },
+    "dependencies": {
+        "commander": "^8.0.0",
+        "dayjs": "^1.10.6",
+        "lodash.get": "^4.4.2",
+        "semver": "^7.6.3",
+        "table": "^6.7.1"
+    },
+    "devDependencies": {
+        "@types/chai": "^4.2.19",
+        "@types/lodash.get": "^4.4.6",
+        "@types/mocha": "^8.2.3",
+        "@types/node": "^16.0.0",
+        "@types/semver": "^7.5.8",
+        "@types/sinon": "^10.0.2",
+        "@typescript-eslint/eslint-plugin": "^4.28.2",
+        "@typescript-eslint/parser": "^4.28.2",
+        "chai": "^4.3.0",
+        "eslint": "^7.25.0",
+        "eslint-config-google": "^0.14.0",
+        "eslint-config-prettier": "^8.3.0",
+        "eslint-plugin-prettier": "^3.4.0",
+        "mocha": "^10.7.3",
+        "prettier": "2.3.2",
+        "rimraf": "^3.0.2",
+        "sinon": "^9.2.4",
+        "ts-node": "^10.0.0",
+        "typescript": "^4.3.5"
+    },
+    "keywords": [
+        "npm",
+        "audit",
+        "skip",
+        "ignore",
+        "exclude",
+        "exceptions",
+        "node",
+        "security",
+        "advisory",
+        "vulnerabilities",
+        "continuous integration",
+        "dependencies",
+        "check",
+        "build",
+        "script",
+        "nsp",
+        "ci"
+    ]
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Worsened metrics

Total package byte prevSize

43318

decreased by-96.7%

Number of package files

12

decreased by-76%

Lines of code

767

decreased by-84.43%

Number of low supply chain risk alerts

2

increased byInfinity%

Number of medium supply chain risk alerts

3

increased byInfinity%

No dependency changes