bump-cli - npm Package Compare versions

Comparing version 1.1.3 to 2.0.0-beta

package.json

 {
   "name": "bump-cli",
-  "version": "1.1.3",
-  "description": "Increments version numbers in files",
-  "main": "index.js",
-  "directories": {
-    "test": "test"
+  "description": "The Bump CLI is used to interact with your API documentation hosted on Bump by using the API of developers.bump.sh",
+  "version": "2.0.0-beta",
+  "author": "Paul Bonaud <paulr@bump.sh>",
+  "bin": {
+    "bump": "./bin/run"
   },
-  "repository": {
-     "type": "git",
-     "url": "https://github.com/rstacruz/bump-cli.git"
+  "bugs": "https://github.com/bump-sh/bump-node-cli/issues",
+  "devDependencies": {
+    "@oclif/dev-cli": "^1.26.0",
+    "@oclif/test": "^1.2.8",
+    "@types/debug": "^4.1.5",
+    "@types/mocha": "^8.2.2",
+    "@types/node": "^10.17.56",
+    "@typescript-eslint/eslint-plugin": "^4.21.0",
+    "@typescript-eslint/parser": "^4.21.0",
+    "chai": "^4.3.4",
+    "cross-spawn": "^6.0.5",
+    "eslint": "^7.24.0",
+    "eslint-config-prettier": "^8.1.0",
+    "eslint-plugin-prettier": "^3.3.1",
+    "globby": "^10.0.2",
+    "mocha": "^8.3.2",
+    "nock": "^13.0.11",
+    "np": "^7.5.0",
+    "nyc": "^15.1.0",
+    "prettier": "^2.2.1",
+    "sinon": "^10.0.0",
+    "stdout-stderr": "^0.1.13",
+    "ts-node": "^8.10.2",
+    "typescript": "^3.9.9"
   },
-  "scripts": {
-    "test": "mocha"
+  "engines": {
+    "node": ">=10.0.0"
   },
-  "author": "Rico Sta. Cruz <hi@ricostacruz.com>",
+  "files": [
+    "/bin",
+    "/lib",
+    "/npm-shrinkwrap.json",
+    "/oclif.manifest.json"
+  ],
+  "homepage": "https://bump.sh",
+  "keywords": [
+    "api",
+    "documentation",
+    "openapi",
+    "asyncapi",
+    "bump",
+    "cli"
+  ],
   "license": "MIT",
-  "bin": {
-    "bump": "./bin/bump"
+  "main": "lib/index.js",
+  "oclif": {
+    "commands": "./lib/commands",
+    "bin": "bump",
+    "plugins": [
+      "@oclif/plugin-help"
+    ]
   },
-  "devDependencies": {
-    "chai": "^1.9.1",
-    "mocha": "^1.21.4",
-    "sinon": "^1.10.3",
-    "sinon-chai": "^2.5.0"
+  "repository": "bump-sh/bump-node-cli",
+  "scripts": {
+    "build": "tsc -b",
+    "clean": "rm -rf lib oclif.manifest.json",
+    "lint": "eslint . --ext .ts --config .eslintrc",
+    "fmt": "eslint . --ext .ts --config .eslintrc --fix",
+    "pack": "oclif-dev pack",
+    "postpack": "rm -f oclif.manifest.json",
+    "prepack": "rm -rf lib && npm run build && oclif-dev manifest && oclif-dev readme",
+    "pretest": "npm run clean && npm run build && npm run lint",
+    "publish": "np",
+    "test": "mocha \"test/**/*.test.ts\"",
+    "test-coverage": "nyc npm run test",
+    "test-integration": "node ./test/integration.js",
+    "version": "oclif-dev readme && git add README.md"
   },
+  "types": "lib/index.d.ts",
   "dependencies": {
-    "minimist": "^1.1.0",
-    "semver": "^3.0.1"
+    "@apidevtools/json-schema-ref-parser": "^9.0.7",
+    "@asyncapi/specs": "^2.7.7",
+    "@oclif/command": "^1.8.0",
+    "@oclif/config": "^1.17.0",
+    "@oclif/plugin-help": "^3.2.2",
+    "axios": "^0.21.1",
+    "cli-ux": "^5.5.1",
+    "debug": "^4.3.1",
+    "oas-schemas": "git+https://git@github.com/OAI/OpenAPI-Specification.git#0f9d3ec7c033fef184ec54e1ffc201b2d61ce023",
+    "tslib": "^1.14.1"
   }
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Git dependency

Supply chain risk

Contains a dependency which resolves to a remote git URL. Dependencies fetched from git URLs are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 4 instances in 1 package

No repository

Supply chain risk

Package does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

No bug tracker

Maintenance

Package does not have a linked bug tracker in package.json.

Found 1 instance in 1 package

No website

Quality

Package does not have a website.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

38870

increased by93.91%

Number of package files

32

increased by128.57%

Lines of code

713

increased by49.16%

Number of lines in readme file

148

increased by260.98%

Number of medium supply chain risk alerts

1

decreased by-50%

Worsened metrics

Dependency count

10

increased by400%

Dev dependency count

22

increased by450%

Number of high supply chain risk alerts

1

increased byInfinity%

Number of low supply chain risk alerts

6

increased by500%

Dependency changes

• + Added@apidevtools/json-schema-ref-parser@^9.0.7

• + Added@asyncapi/specs@^2.7.7

• + Added@oclif/command@^1.8.0

• + Added@oclif/config@^1.17.0

• + Added@oclif/plugin-help@^3.2.2

• + Addedaxios@^0.21.1

• + Addedcli-ux@^5.5.1

• + Addeddebug@^4.3.1

• + Addedoas-schemas@git+https://git@github.com/OAI/OpenAPI-Specification.git#0f9d3ec7c033fef184ec54e1ffc201b2d61ce023

• + Addedtslib@^1.14.1

• + Added@apidevtools/json-schema-ref-parser@9.1.2(transitive)

• + Added@asyncapi/specs@2.14.0(transitive)

• + Added@jsdevtools/ono@7.1.3(transitive)

• + Added@nodelib/fs.scandir@2.1.5(transitive)

• + Added@nodelib/fs.stat@2.0.5(transitive)

• + Added@nodelib/fs.walk@1.2.8(transitive)

• + Added@oclif/command@1.8.36(transitive)

• + Added@oclif/config@1.18.161.18.171.18.2(transitive)

• + Added@oclif/errors@1.3.51.3.6(transitive)

• + Added@oclif/help@1.0.15(transitive)

• + Added@oclif/linewrap@1.0.0(transitive)

• + Added@oclif/parser@3.8.17(transitive)

• + Added@oclif/plugin-help@3.3.1(transitive)

• + Added@oclif/screen@1.0.4(transitive)

• + Added@types/json-schema@7.0.15(transitive)

• + Addedansi-escapes@4.3.2(transitive)

• + Addedansi-regex@5.0.1(transitive)

• + Addedansi-styles@4.3.0(transitive)

• + Addedansicolors@0.3.2(transitive)

• + Addedargparse@1.0.102.0.1(transitive)

• + Addedarray-union@2.1.0(transitive)

• + Addedaxios@0.21.4(transitive)

• + Addedbraces@3.0.3(transitive)

• + Addedcall-me-maybe@1.0.2(transitive)

• + Addedcardinal@2.1.1(transitive)

• + Addedchalk@4.1.2(transitive)

• + Addedclean-stack@3.0.1(transitive)

• + Addedcli-progress@3.12.0(transitive)

• + Addedcli-ux@5.6.7(transitive)

• + Addedcolor-convert@2.0.1(transitive)

• + Addedcolor-name@1.1.4(transitive)

• + Addedcross-spawn@7.0.5(transitive)

• + Addeddebug@4.3.7(transitive)

• + Addeddir-glob@3.0.1(transitive)

• + Addedemoji-regex@8.0.0(transitive)

• + Addedescape-string-regexp@4.0.0(transitive)

• + Addedesprima@4.0.1(transitive)

• + Addedextract-stack@2.0.0(transitive)

• + Addedfast-glob@3.3.2(transitive)

• + Addedfastq@1.17.1(transitive)

• + Addedfill-range@7.1.1(transitive)

• + Addedfollow-redirects@1.15.9(transitive)

• + Addedfs-extra@8.1.0(transitive)

• + Addedglob-parent@5.1.2(transitive)

• + Addedglobby@11.1.0(transitive)

• + Addedgraceful-fs@4.2.11(transitive)

• + Addedhas-flag@4.0.0(transitive)

• + Addedhyperlinker@1.0.0(transitive)

• + Addedignore@5.3.2(transitive)

• + Addedindent-string@4.0.0(transitive)

• + Addedis-docker@2.2.1(transitive)

• + Addedis-extglob@2.1.1(transitive)

• + Addedis-fullwidth-code-point@3.0.0(transitive)

• + Addedis-glob@4.0.3(transitive)

• + Addedis-number@7.0.0(transitive)

• + Addedis-wsl@2.2.0(transitive)

• + Addedisexe@2.0.0(transitive)

• + Addedjs-yaml@3.14.14.1.0(transitive)

• + Addedjsonfile@4.0.0(transitive)

• + Addedlodash@4.17.21(transitive)

• + Addedmerge2@1.4.1(transitive)

• + Addedmicromatch@4.0.8(transitive)

• + Addedms@2.1.3(transitive)

• + Addednatural-orderby@2.0.3(transitive)

• + Addedobject-treeify@1.1.33(transitive)

• + Addedpassword-prompt@1.1.3(transitive)

• + Addedpath-key@3.1.1(transitive)

• + Addedpath-type@4.0.0(transitive)

• + Addedpicomatch@2.3.1(transitive)

• + Addedqueue-microtask@1.2.3(transitive)

• + Addedredeyed@2.1.1(transitive)

• + Addedreusify@1.0.4(transitive)

• + Addedrun-parallel@1.2.0(transitive)

• + Addedsemver@7.6.3(transitive)

• + Addedshebang-command@2.0.0(transitive)

• + Addedshebang-regex@3.0.0(transitive)

• + Addedslash@3.0.0(transitive)

• + Addedsprintf-js@1.0.3(transitive)

• + Addedstring-width@4.2.3(transitive)

• + Addedstrip-ansi@6.0.1(transitive)

• + Addedsupports-color@7.2.08.1.1(transitive)

• + Addedsupports-hyperlinks@2.3.0(transitive)

• + Addedto-regex-range@5.0.1(transitive)

• + Addedtslib@1.14.12.8.1(transitive)

• + Addedtype-fest@0.21.3(transitive)

• + Addeduniversalify@0.1.2(transitive)

• + Addedwhich@2.0.2(transitive)

• + Addedwidest-line@3.1.0(transitive)

• + Addedwrap-ansi@6.2.07.0.0(transitive)

• - Removedminimist@^1.1.0

• - Removedsemver@^3.0.1

• - Removedminimist@1.2.8(transitive)

• - Removedsemver@3.0.1(transitive)