Comparing version 0.17.1 to 2.0.0-rc.0
{ | ||
"name": "clipanion", | ||
"version": "0.17.1", | ||
"license": "MIT", | ||
"main": "./sources/core/index.js", | ||
"scripts": { | ||
"genparse": "pegjs -o sources/core/parse.js sources/core/command.peg", | ||
"prepublishOnly": "yarn genparse && yarn test", | ||
"test": "mocha $(find sources -name '*.test.js')" | ||
}, | ||
"dependencies": { | ||
"camelcase": "^5.2.0", | ||
"chalk": "^1.1.3" | ||
}, | ||
"devDependencies": { | ||
"chai": "^3.5.0", | ||
"get-stream": "^5.0.0", | ||
"mocha": "^3.2.0", | ||
"pegjs": "^0.10.0", | ||
"yup": "^0.27.0" | ||
} | ||
} | ||
"name": "clipanion", | ||
"version": "2.0.0-rc.0", | ||
"main": "lib/advanced", | ||
"license": "MIT", | ||
"dependencies": { | ||
"chalk": "^2.4.2" | ||
}, | ||
"devDependencies": { | ||
"@berry/pnpify": "^0.0.6", | ||
"@types/chai": "^4.1.7", | ||
"@types/chalk": "^2.2.0", | ||
"@types/mocha": "^5.2.7", | ||
"@types/node": "^12.6.2", | ||
"@types/yup": "^0.26.21", | ||
"chai": "^4.2.0", | ||
"mocha": "^6.1.4", | ||
"ts-node": "^8.3.0", | ||
"typescript": "^3.5.3", | ||
"yup": "^0.27.0" | ||
}, | ||
"scripts": { | ||
"prepack": "rm -rf lib && yarn pnpify tsc", | ||
"postpack": "rm -rf lib", | ||
"test": "yarn pnpify mocha --require ts-node/register --extension ts tests" | ||
}, | ||
"publishConfig": { | ||
"main": "lib/advanced" | ||
}, | ||
"files": [ | ||
"/lib/**/*", | ||
"!/lib/demos/**/*" | ||
] | ||
} |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
No README
QualityPackage does not have a README. This may indicate a failed publish or a low quality package.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
1
21
1
1
39622
11
981
1
0
+ Addedansi-styles@3.2.1(transitive)
+ Addedchalk@2.4.2(transitive)
+ Addedcolor-convert@1.9.3(transitive)
+ Addedcolor-name@1.1.3(transitive)
+ Addedhas-flag@3.0.0(transitive)
+ Addedsupports-color@5.5.0(transitive)
- Removedcamelcase@^5.2.0
- Removedansi-regex@2.1.1(transitive)
- Removedansi-styles@2.2.1(transitive)
- Removedcamelcase@5.3.1(transitive)
- Removedchalk@1.1.3(transitive)
- Removedhas-ansi@2.0.0(transitive)
- Removedstrip-ansi@3.0.1(transitive)
- Removedsupports-color@2.0.0(transitive)
Updatedchalk@^2.4.2