browserify-sign - npm Package Compare versions

Comparing version 4.2.2 to 4.2.3

package.json

 {
 	"name": "browserify-sign",
-	"version": "4.2.2",
+	"version": "4.2.3",
 	"description": "adds node crypto signing for browsers",
@@ -36,6 +36,7 @@ "bugs": {
 		"create-hmac": "^1.1.7",
-		"elliptic": "^6.5.4",
+		"elliptic": "^6.5.5",
+		"hash-base": "~3.0",
 		"inherits": "^2.0.4",
-		"parse-asn1": "^5.1.6",
-		"readable-stream": "^3.6.2",
+		"parse-asn1": "^5.1.7",
+		"readable-stream": "^2.3.8",
 		"safe-buffer": "^5.2.1"
@@ -45,15 +46,15 @@ },
 		"@ljharb/eslint-config": "^21.1.0",
-		"aud": "^2.0.3",
+		"aud": "^2.0.4",
 		"auto-changelog": "^2.4.0",
 		"eslint": "=8.8.0",
 		"in-publish": "^2.0.1",
-		"npmignore": "^0.3.0",
+		"npmignore": "^0.3.1",
 		"nyc": "^10.3.2",
 		"safe-publish-latest": "^2.0.0",
 		"semver": "^6.3.1",
-		"tape": "^5.7.2"
+		"tape": "^5.7.5"
 	},
 	"browser": "browser/index.js",
 	"engines": {
-		"node": ">= 4"
+		"node": ">= 0.12"
 	},
@@ -60,0 +61,0 @@ "auto-changelog": {

Fixed alerts

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

15794

increased by0.16%

Number of medium supply chain risk alerts

0

decreased by-100%

Worsened metrics

Dependency count

10

increased by11.11%

Dependency changes

• + Addedhash-base@~3.0

• + Addedcore-util-is@1.0.3(transitive)

• + Addedisarray@1.0.0(transitive)

• + Addedprocess-nextick-args@2.0.1(transitive)

• + Addedreadable-stream@2.3.8(transitive)

• + Addedsafe-buffer@5.1.2(transitive)

• + Addedstring_decoder@1.1.1(transitive)

• - Removedhash-base@3.1.0(transitive)

• - Removedreadable-stream@3.6.2(transitive)

• - Removedstring_decoder@1.3.0(transitive)

• Updatedelliptic@^6.5.5

• Updatedparse-asn1@^5.1.7

• Updatedreadable-stream@^2.3.8