bob-esbuild-plugin - npm Package Compare versions

Comparing version 2.2.0 to 3.1.0

package.json

 {
   "name": "bob-esbuild-plugin",
-  "version": "2.2.0",
+  "version": "3.1.0",
   "description": "bob-esbuild main plugin, based on https://github.com/egoist/rollup-plugin-esbuild",
+  "peerDependencies": {
+    "esbuild": "*",
+    "rollup": "*"
+  },
+  "dependencies": {
+    "@rollup/pluginutils": "^4.1.1"
+  },
   "repository": {
@@ -10,48 +17,17 @@ "type": "git",
   },
+  "author": "PabloSzx <pablosaez1995@gmail.com>",
   "license": "MIT",
-  "author": "PabloSzx <pablosaez1995@gmail.com>",
+  "main": "index.js",
+  "types": "index.d.ts",
   "exports": {
     ".": {
-      "require": "./lib/index.js",
-      "import": "./lib/index.mjs"
+      "require": "./index.js",
+      "import": "./index.mjs"
     },
     "./*": {
-      "require": "./lib/*.js",
-      "import": "./lib/*.mjs"
-    }
-  },
-  "main": "lib/index.js",
-  "types": "lib/index.d.ts",
-  "files": [
-    "lib"
-  ],
-  "dependencies": {
-    "@rollup/pluginutils": "^4.1.1",
-    "tsconfck": "^1.1.1"
-  },
-  "devDependencies": {
-    "@types/node": "^16.11.6",
-    "changesets-github-release": "^0.0.4",
-    "esbuild": "^0.13.12",
-    "rollup": "^2.59.0",
-    "tsup": "^5.6.0"
-  },
-  "peerDependencies": {
-    "@types/node": "*",
-    "esbuild": "*",
-    "rollup": "*"
-  },
-  "tsup": {
-    "entryPoints": [
-      "src/**/*.ts"
-    ],
-    "outDir": "lib",
-    "clean": true,
-    "format": [
-      "cjs",
-      "esm"
-    ],
-    "target": "es2019"
-  },
-  "scripts": {}
+      "require": "./*.js",
+      "import": "./*.mjs"
+    },
+    "./package.json": "./package.json"
+  }
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Debug access

Supply chain risk

Uses debug, reflection and dynamic code execution features.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

76884

increased by183.63%

Dependency count

3

decreased by-40%

Dev dependency count

0

decreased by-100%

Lines of code

2195

increased by185.44%

Worsened metrics

Number of low supply chain risk alerts

17

increased by240%

Number of medium supply chain risk alerts

4

increased byInfinity%

Dependency changes

• - Removedtsconfck@^1.1.1

• - Removed@types/node@22.9.0(transitive)

• - Removedtsconfck@1.2.2(transitive)

• - Removedundici-types@6.19.8(transitive)