commonplace - npm Package Compare versions

Comparing version 0.6.44 to 0.6.45

bower.json

@@ -5,3 +5,3 @@ {
     "description": "Reusable components for the Firefox Marketplace",
-    "version": "0.6.44",
+    "version": "0.6.45",
     "ignore": [
@@ -8,0 +8,0 @@ "bin",

lib/config.js

@@ -59,2 +59,3 @@ var CORE_MODULES = [
 var bowerConfig = {
+    'almond/almond.js': LIB_DEST_PATH,
     'jquery/jquery.js': LIB_DEST_PATH,
@@ -61,0 +62,0 @@ // TODO: Use the official nunjucks and not a modified one.

package.json

 {
   "name": "commonplace",
   "description": "Reusable components for Firefox Marketplace frontend projects.",
-  "version": "0.6.44",
+  "version": "0.6.45",
   "main": "lib/commonplace",
@@ -6,0 +6,0 @@ "preferGlobal": true,

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Improved metrics

Number of low supply chain risk alerts

5

decreased by-28.57%

Number of medium supply chain risk alerts

3

decreased by-25%

Worsened metrics

Total package byte prevSize

871367

decreased by-0.05%

Number of package files

314

decreased by-0.32%

Lines of code

6980

decreased by-0.14%

No dependency changes