bitcore - npm Package Compare versions

Comparing version 0.0.0 to 0.1.5

package.json

 {
   "name": "bitcore",
-  "version": "0.0.0",
-  "description": "Bitcoin library",
-  "main": "index.js",
-  "scripts": {
-    "test": "echo \"Error: no test specified\" && exit 1"
+  "description": "Bitcoin Library",
+  "version": "0.1.5",
+  "author": {
+    "name": "Stephen Pair",
+    "email": "stephen@bitpay.com"
   },
-  "repository": {
-    "type": "git",
-    "url": "http://github.com/gasteve/node-bitcore.git"
-  },
+  "contributors": [
+    {
+      "name": "Stefan Thomas",
+      "email": "moon@justmoon.net"
+    },
+    {
+      "name": "Jeff Garzik",
+      "email": "jgarzik@bitpay.com"
+    }
+  ],
   "keywords": [
@@ -21,8 +27,27 @@ "bitcoin",
   ],
-  "author": "Stephen Pair",
-  "license": "MIT",
-  "bugs": {
-    "url": "https://github.com/gasteve/node-bitcore/issues"
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/bitpay/bitcore.git"
   },
-  "homepage": "https://github.com/gasteve/node-bitcore"
+  "scripts": {},
+  "dependencies": {
+    "classtool": "=1.0.0",
+    "base58-native": "=0.1.3",
+    "bindings": "=1.1.1",
+    "bufferput": "=0.1.1",
+    "bignum": "=0.6.1",
+    "binary": "=0.3.0",
+    "step": "=0.0.4",
+    "buffers": "=0.1.1",
+    "buffertools": "=1.1.1",
+    "mocha": ">=1.15.1",
+    "browserify-bignum": "git://github.com/maraoz/browserify-bignum.git"
+  },
+  "devDependencies": {
+    "grunt-contrib-watch": "~0.5.3",
+    "grunt-mocha-test": "~0.8.2",
+    "grunt-browserify": "~1.3.0",
+    "chai": "~1.9.0"
+  },
+  "license": "MIT"
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Git dependency

Supply chain risk

Contains a dependency which resolves to a remote git URL. Dependencies fetched from git URLs are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.

Found 1 instance in 1 package

Native code

Supply chain risk

Contains native code which could be a vector to obscure malicious code, and generally decrease the likelihood of reproducible or reliable installs.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Network access

Supply chain risk

This module accesses the network.

Found 3 instances in 1 package

Uses eval

Supply chain risk

Package uses eval() which is a dangerous function. This prevents the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

No bug tracker

Maintenance

Package does not have a linked bug tracker in package.json.

Found 1 instance in 1 package

No website

Quality

Package does not have a website.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Empty package

Supply chain risk

Package does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.

Found 1 instance in 1 package

No README

Quality

Package does not have a README. This may indicate a failed publish or a low quality package.

Found 1 instance in 1 package

No tests

Quality

Package does not have any tests. This is a strong signal of a poorly maintained or low quality package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

214695

increased by37765.08%

Number of package files

57

increased by5600%

Lines of code

5805

increased byInfinity%

Number of medium quality alerts

1

decreased by-50%

Number of lines in readme file

60

increased byInfinity%

Worsened metrics

Dependency count

11

increased byInfinity%

Dev dependency count

4

increased byInfinity%

Number of low maintenance alerts

2

increased by100%

Number of high supply chain risk alerts

1

increased byInfinity%

Number of low supply chain risk alerts

3

increased byInfinity%

Number of medium supply chain risk alerts

7

increased by600%

Dependency changes

• + Addedbase58-native@=0.1.3

• + Addedbignum@=0.6.1

• + Addedbinary@=0.3.0

• + Addedbindings@=1.1.1

• + Addedbrowserify-bignum@git://github.com/maraoz/browserify-bignum.git

• + Addedbufferput@=0.1.1

• + Addedbuffers@=0.1.1

• + Addedbuffertools@=1.1.1

• + Addedclasstool@=1.0.0

• + Addedmocha@>=1.15.1

• + Addedstep@=0.0.4

• + Addedansi-colors@4.1.3(transitive)

• + Addedansi-regex@5.0.1(transitive)

• + Addedansi-styles@4.3.0(transitive)

• + Addedanymatch@3.1.3(transitive)

• + Addedargparse@2.0.1(transitive)

• + Addedbalanced-match@1.0.2(transitive)

• + Addedbinary-extensions@2.3.0(transitive)

• + Addedbrace-expansion@2.0.1(transitive)

• + Addedbraces@3.0.3(transitive)

• + Addedbrowser-stdout@1.3.1(transitive)

• + Addedcamelcase@6.3.0(transitive)

• + Addedchalk@4.1.2(transitive)

• + Addedchokidar@3.6.0(transitive)

• + Addedcliui@7.0.4(transitive)

• + Addedcolor-convert@2.0.1(transitive)

• + Addedcolor-name@1.1.4(transitive)

• + Addeddebug@4.3.7(transitive)

• + Addeddecamelize@4.0.0(transitive)

• + Addeddiff@5.2.0(transitive)

• + Addedemoji-regex@8.0.0(transitive)

• + Addedescalade@3.2.0(transitive)

• + Addedescape-string-regexp@4.0.0(transitive)

• + Addedfill-range@7.1.1(transitive)

• + Addedfind-up@5.0.0(transitive)

• + Addedflat@5.0.2(transitive)

• + Addedfs.realpath@1.0.0(transitive)

• + Addedfsevents@2.3.3(transitive)

• + Addedget-caller-file@2.0.5(transitive)

• + Addedglob@8.1.0(transitive)

• + Addedglob-parent@5.1.2(transitive)

• + Addedhas-flag@4.0.0(transitive)

• + Addedhe@1.2.0(transitive)

• + Addedinflight@1.0.6(transitive)

• + Addedinherits@2.0.4(transitive)

• + Addedis-binary-path@2.1.0(transitive)

• + Addedis-extglob@2.1.1(transitive)

• + Addedis-fullwidth-code-point@3.0.0(transitive)

• + Addedis-glob@4.0.3(transitive)

• + Addedis-number@7.0.0(transitive)

• + Addedis-plain-obj@2.1.0(transitive)

• + Addedis-unicode-supported@0.1.0(transitive)

• + Addedjs-yaml@4.1.0(transitive)

• + Addedlocate-path@6.0.0(transitive)

• + Addedlog-symbols@4.1.0(transitive)

• + Addedminimatch@5.1.6(transitive)

• + Addedmocha@10.7.3(transitive)

• + Addedms@2.1.3(transitive)

• + Addednormalize-path@3.0.0(transitive)

• + Addedonce@1.4.0(transitive)

• + Addedp-limit@3.1.0(transitive)

• + Addedp-locate@5.0.0(transitive)

• + Addedpath-exists@4.0.0(transitive)

• + Addedpicomatch@2.3.1(transitive)

• + Addedrandombytes@2.1.0(transitive)

• + Addedreaddirp@3.6.0(transitive)

• + Addedrequire-directory@2.1.1(transitive)

• + Addedsafe-buffer@5.2.1(transitive)

• + Addedserialize-javascript@6.0.2(transitive)

• + Addedstring-width@4.2.3(transitive)

• + Addedstrip-ansi@6.0.1(transitive)

• + Addedstrip-json-comments@3.1.1(transitive)

• + Addedsupports-color@7.2.08.1.1(transitive)

• + Addedto-regex-range@5.0.1(transitive)

• + Addedworkerpool@6.5.1(transitive)

• + Addedwrap-ansi@7.0.0(transitive)

• + Addedwrappy@1.0.2(transitive)

• + Addedy18n@5.0.8(transitive)

• + Addedyargs@16.2.0(transitive)

• + Addedyargs-parser@20.2.9(transitive)

• + Addedyargs-unparser@2.0.0(transitive)

• + Addedyocto-queue@0.1.0(transitive)