convoy - npm Package Compare versions
Comparing version 0.1.0 to 0.1.1
| { | ||
| "name": "convoy", | ||
| "version": "0.1.0", | ||
| "author": "Charles Jolley", | ||
| "version": "v0.1.1", | ||
| "author": "Charles Jolley <charles@sproutcore.com>", | ||
| "description": "Pluggable, package-aware asset pipeline for node", | ||
| "keywords": ["asset", "pipeline", "connect", "jake", "build", "tools"], | ||
| "homepage": "http://github.com/charlesjolley/convoy", | ||
| "bugs": { | ||
| "url": "http://github.com/charlesjolley/convoy/issues" | ||
| }, | ||
| "repository": { | ||
| "type": "git", | ||
| "url": "http://github.com/charlesjolley/convoy.git" | ||
| }, | ||
| "main": "./lib/index.js", | ||
| "dependencies": { | ||
| "async": "latest", | ||
| "resolve": "latest", | ||
| "uglify-js": "latest" | ||
| "async": "0.1.x", | ||
| "resolve": "0.2.x", | ||
| "uglify-js": "~1.2" | ||
| }, | ||
@@ -12,0 +25,0 @@ |
New alerts
Manifest confusion
Supply chain riskThis package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.
Found 1 instance in 1 package
Fixed alerts
No bug tracker
MaintenancePackage does not have a linked bug tracker in package.json.
Found 1 instance in 1 package
No repository
Supply chain riskPackage does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.
Found 1 instance in 1 package
No website
QualityPackage does not have a website.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.47%
77298
- Number of low maintenance alerts
- decreased by-50%
1
- Number of low quality alerts
- decreased by-50%
1
- Number of low supply chain risk alerts
- decreased by-11.11%
8
Worsened metrics
- Number of medium supply chain risk alerts
- increased byInfinity%
1
Dependency changes
+ Addedasync@0.1.22(transitive)
+ Addedresolve@0.2.8(transitive)
+ Addeduglify-js@1.2.6(transitive)
- Removedasync@3.2.6(transitive)
- Removedfunction-bind@1.1.2(transitive)
- Removedhasown@2.0.2(transitive)
- Removedis-core-module@2.16.1(transitive)
- Removedpath-parse@1.0.7(transitive)
- Removedresolve@1.22.10(transitive)
- Removedsupports-preserve-symlinks-flag@1.0.0(transitive)
- Removeduglify-js@3.19.3(transitive)
Updatedasync@0.1.x
Updatedresolve@0.2.x
Updateduglify-js@~1.2