confidence - npm Package Compare versions

Comparing version 5.0.0 to 5.0.1

lib/store.js

@@ -6,2 +6,3 @@ 'use strict';
 const Hoek = require('@hapi/hoek');
+const Bourne = require('@hapi/bourne');
 const Schema = require('./schema');
@@ -235,3 +236,3 @@
             if (typeof value === 'string') {
-                result = value.split(options.splitToken);
+                result = value ? value.split(options.splitToken) : [];
             }
@@ -263,3 +264,3 @@ else {
             try {
-                result = JSON.parse(value);
+                result = Bourne.parse(value);
             }
@@ -266,0 +267,0 @@ catch (e) {

package.json

 {
   "name": "confidence",
   "description": "Configuration API",
-  "version": "5.0.0",
+  "version": "5.0.1",
   "repository": "git://github.com/hapipal/confidence",
@@ -14,2 +14,3 @@ "main": "lib/index.js",
   "dependencies": {
+    "@hapi/bourne": "2.x.x",
     "@hapi/hoek": "9.x.x",
@@ -16,0 +17,0 @@ "alce": "1.x.x",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

37981

increased by0.22%

Lines of code

467

increased by0.21%

Number of medium supply chain risk alerts

0

decreased by-100%

Worsened metrics

Dependency count

5

increased by25%

Dependency changes

• + Added@hapi/bourne@2.x.x

• + Added@hapi/bourne@2.1.0(transitive)