bfx-api-node-plugin-example - npm Package Compare versions

Comparing version 1.0.0 to 1.0.1

lib/plugin.js

@@ -17,3 +17,3 @@ 'use strict'
     'ws:created': wsHandler.bind(null, 'ws:created'),
-    'ws:destroyed': wsHandler.bind(null, 'ws:destroyed'),
+    'ws:destroyed': wsHandler.bind(null, 'ws:destroyed')
   },
@@ -25,3 +25,3 @@
     error: wsHandler.bind(null, 'error'),
-    close: wsHandler.bind(null, 'close'),
+    close: wsHandler.bind(null, 'close')
   },
@@ -38,3 +38,3 @@
     config: wsHandler.bind(null, 'config'),
-    error: wsHandler.bind(null, 'error'),
+    error: wsHandler.bind(null, 'error')
   },
@@ -46,3 +46,3 @@
     candles: wsHandler.bind(null, 'candles'),
-    book: wsHandler.bind(null, 'book'),
+    book: wsHandler.bind(null, 'book')
   },
@@ -79,10 +79,10 @@
 
-    ws: wsHandler.bind(null, 'ws'),   // wallet snapshot
-    wu: wsHandler.bind(null, 'wu'),   // wallet update
-    bu: wsHandler.bind(null, 'bu'),   // balance update
+    ws: wsHandler.bind(null, 'ws'), // wallet snapshot
+    wu: wsHandler.bind(null, 'wu'), // wallet update
+    bu: wsHandler.bind(null, 'bu'), // balance update
     miu: wsHandler.bind(null, 'miu'), // margin info update
     fiu: wsHandler.bind(null, 'fiu'), // funding info update
     fte: wsHandler.bind(null, 'fte'), // funding trade exec
-    ftu: wsHandler.bind(null, 'ftu'), // funding trade update
+    ftu: wsHandler.bind(null, 'ftu') // funding trade update
   }
 }))

package.json

 {
   "name": "bfx-api-node-plugin-example",
-  "version": "1.0.0",
+  "version": "1.0.1",
   "description": "Example plugin for the Bitfinex Node API",
@@ -23,4 +23,7 @@ "engines": {
   ],
+  "author": "Bitfinex",
   "contributors": [
-    "Cris Mihalache <cris.m@bitfinex.com> (https://www.bitfinex.com)"
+    "Cris Mihalache <cris.m@bitfinex.com> (https://www.bitfinex.com)",
+    "Jacob Plaster <jacob.plaster@bitfinex.com> (https://www.bitfinex.com)",
+    "Paolo Ardoino <paolo@bitfinex.com> (https://www.bitfinex.com)"
   ],
@@ -32,12 +35,13 @@ "license": "MIT",
   "devDependencies": {
-    "chai": "^3.4.1",
-    "mocha": "^3.4.2",
-    "standard": "^10.0.2"
+    "babel-eslint": "^10.0.3",
+    "chai": "^4.2.0",
+    "mocha": "^6.2.0",
+    "standard": "^14.1.0"
   },
   "dependencies": {
-    "bfx-api-node-core": "^1.0.0",
-    "bluebird": "^3.5.1",
-    "debug": "^2.2.0",
-    "lodash": "^4.17.4"
+    "bfx-api-node-core": "git+http://github.com/bitfinexcom/bfx-api-node-core.git#semver:^1.1.0",
+    "bluebird": "^3.5.5",
+    "debug": "^4.1.1",
+    "lodash": "^4.17.15"
   }
 }

New alerts

Git dependency

Supply chain risk

Contains a dependency which resolves to a remote git URL. Dependencies fetched from git URLs are not immutable and can be used to inject untrusted code or reduce the likelihood of a reproducible install.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

7431

increased by30.67%

Number of package files

13

increased by160%

Lines of code

108

increased by52.11%

Worsened metrics

Dev dependency count

4

increased by33.33%

Number of high supply chain risk alerts

1

increased byInfinity%

Number of low supply chain risk alerts

1

increased byInfinity%

Number of medium supply chain risk alerts

1

increased byInfinity%

Dependency changes

• - Removedansi-regex@2.1.1(transitive)

• - Removedansi-styles@2.2.1(transitive)

• - Removedasn1@0.2.6(transitive)

• - Removedassert-plus@0.2.01.0.0(transitive)

• - Removedasync@2.6.4(transitive)

• - Removedaws-sign2@0.6.0(transitive)

• - Removedbcrypt-pbkdf@1.0.2(transitive)

• - Removedbfx-api-node-core@1.6.1(transitive)

• - Removedbfx-api-node-models@1.8.2(transitive)

• - Removedbfx-api-node-rest@4.6.1(transitive)

• - Removedbfx-api-node-util@1.0.12(transitive)

• - Removedbfx-api-node-ws1@1.0.4(transitive)

• - Removedbignumber.js@9.1.2(transitive)

• - Removedbl@1.0.3(transitive)

• - Removedbluebird@3.5.5(transitive)

• - Removedboom@2.10.1(transitive)

• - Removedcaseless@0.11.0(transitive)

• - Removedchalk@1.1.3(transitive)

• - Removedcombined-stream@1.0.8(transitive)

• - Removedcommander@2.20.3(transitive)

• - Removedcore-util-is@1.0.21.0.3(transitive)

• - Removedcrc-32@1.2.0(transitive)

• - Removedcryptiles@2.0.5(transitive)

• - Removeddashdash@1.14.1(transitive)

• - Removeddebug@2.6.94.1.1(transitive)

• - Removeddelayed-stream@1.0.0(transitive)

• - Removedecc-jsbn@0.1.2(transitive)

• - Removedescape-string-regexp@1.0.5(transitive)

• - Removedexit-on-epipe@1.0.1(transitive)

• - Removedextend@3.0.2(transitive)

• - Removedextsprintf@1.3.0(transitive)

• - Removedforever-agent@0.6.1(transitive)

• - Removedform-data@1.0.1(transitive)

• - Removedgenerate-function@2.3.1(transitive)

• - Removedgenerate-object-property@1.2.0(transitive)

• - Removedgetpass@0.1.7(transitive)

• - Removedhar-validator@2.0.6(transitive)

• - Removedhas-ansi@2.0.0(transitive)

• - Removedhawk@3.1.3(transitive)

• - Removedhoek@2.16.3(transitive)

• - Removedhttp-signature@1.1.1(transitive)

• - Removedinherits@2.0.4(transitive)

• - Removedis-my-ip-valid@1.0.1(transitive)

• - Removedis-my-json-valid@2.20.6(transitive)

• - Removedis-property@1.0.2(transitive)

• - Removedis-typedarray@1.0.0(transitive)

• - Removedisarray@1.0.0(transitive)

• - Removedisstream@0.1.2(transitive)

• - Removedjsbn@0.1.1(transitive)

• - Removedjson-schema@0.4.0(transitive)

• - Removedjson-stringify-safe@5.0.1(transitive)

• - Removedjsonpointer@5.0.1(transitive)

• - Removedjsprim@1.4.2(transitive)

• - Removedmime-db@1.52.0(transitive)

• - Removedmime-types@2.1.35(transitive)

• - Removedms@2.0.0(transitive)

• - Removednode-uuid@1.4.8(transitive)

• - Removedoauth-sign@0.8.2(transitive)

• - Removedpinkie@2.0.4(transitive)

• - Removedpinkie-promise@2.0.1(transitive)

• - Removedprintj@1.1.2(transitive)

• - Removedprocess-nextick-args@1.0.7(transitive)

• - Removedqs@5.2.1(transitive)

• - Removedreadable-stream@2.0.6(transitive)

• - Removedrequest@2.67.0(transitive)

• - Removedrequest-promise@4.2.0(transitive)

• - Removedrequest-promise-core@1.1.1(transitive)

• - Removedsafe-buffer@5.0.1(transitive)

• - Removedsafer-buffer@2.1.2(transitive)

• - Removedsntp@1.0.9(transitive)

• - Removedsshpk@1.18.0(transitive)

• - Removedstealthy-require@1.1.1(transitive)

• - Removedstring_decoder@0.10.31(transitive)

• - Removedstringstream@0.0.6(transitive)

• - Removedstrip-ansi@3.0.1(transitive)

• - Removedsupports-color@2.0.0(transitive)

• - Removedtough-cookie@2.2.2(transitive)

• - Removedtunnel-agent@0.4.3(transitive)

• - Removedtweetnacl@0.14.5(transitive)

• - Removedultron@1.1.1(transitive)

• - Removedutil-deprecate@1.0.2(transitive)

• - Removedverror@1.10.0(transitive)

• - Removedws@3.0.08.18.0(transitive)

• - Removedxtend@4.0.2(transitive)

• Updatedbfx-api-node-core@git+http://github.com/bitfinexcom/bfx-api-node-core.git#semver:^1.1.0

• Updatedbluebird@^3.5.5

• Updateddebug@^4.1.1

• Updatedlodash@^4.17.15