bson - npm Package Compare versions
Comparing version 0.0.1 to 0.0.2
| { | ||
| "name": "bson", | ||
| "version": "0.0.1", | ||
| "version": "0.0.2", | ||
| "repository": { | ||
| "type": "git", | ||
| "url": "https://0ctave@github.com/0ctave/node-bson.git" | ||
| }, | ||
| "description": "BSON library for node", | ||
| "author": "Christian Amor Kvalheim <christkv@gmail.com>", | ||
| "contributors" : [ "Yuriy Bogdanov <chinsay@gmail.com>" ], | ||
| "main": "bson.node", | ||
| "engines": { "node": ">=0.4.0" }, | ||
| "scripts": { "install" : "node-waf configure clean build" } | ||
| "scripts": { "install" : "make all" }, | ||
| "main": "./bson.node", | ||
| "engines": { "node": ">=0.4.0" } | ||
| } |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
New alerts
Install scripts
Supply chain riskInstall scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.
Found 1 instance in 1 package
Fixed alerts
Install scripts
Supply chain riskInstall scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.
Found 1 instance in 1 package
Native code
Supply chain riskContains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.
Found 8 instances in 1 package
No repository
Supply chain riskPackage does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.
Found 1 instance in 1 package
Improved metrics
- Number of low supply chain risk alerts
- decreased by-50%
1
- Number of medium supply chain risk alerts
- decreased by-100%
0
Worsened metrics
- Total package byte prevSize
- decreased by-87.95%
183171
- Number of package files
- decreased by-22.86%
27