create-next-app - npm Package Compare versions

Comparing version 0.0.0 to 0.1.2

package.json

 {
   "name": "create-next-app",
-  "version": "0.0.0",
-  "description": "soon",
-  "main": "index.js",
-  "keywords": [],
-  "author": "siddharthkp",
-  "license": "MIT"
+  "version": "0.1.2",
+  "keywords": [
+    "next",
+    "create-next-app",
+    "create-react-app"
+  ],
+  "description": "Create Next.js apps with no build configuration.",
+  "repository": "segmentio/create-next-app",
+  "license": "BSD-3-Clause",
+  "engines": {
+    "node": ">=4"
+  },
+  "bugs": {
+    "url": "https://github.com/segmentio/create-next-app/issues"
+  },
+  "files": [
+    "index.js",
+    "createNextApp.js"
+  ],
+  "bin": {
+    "create-next-app": "./index.js"
+  },
+  "dependencies": {
+    "chalk": "^1.1.1",
+    "commander": "^2.9.0",
+    "cross-spawn": "^4.0.0",
+    "fs-extra": "^1.0.0",
+    "hyperquest": "^2.1.2",
+    "semver": "^5.0.3",
+    "tar-pack": "^3.4.0",
+    "tmp": "0.0.31",
+    "validate-npm-package-name": "^3.0.0"
+  }
 }

New alerts

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

No contributors or author data

Maintenance

Package does not specify a list of contributors or an author in package.json.

Found 1 instance in 1 package

Fixed alerts

Empty package

Supply chain risk

Package does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.

Found 1 instance in 1 package

No README

Quality

Package does not have a README. This may indicate a failed publish or a low quality package.

Found 1 instance in 1 package

No bug tracker

Maintenance

Package does not have a linked bug tracker in package.json.

Found 1 instance in 1 package

No repository

Supply chain risk

Package does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

20430

increased by12207.23%

Number of package files

4

increased by300%

Lines of code

561

increased byInfinity%

Number of medium quality alerts

0

decreased by-100%

Number of lines in readme file

8

increased byInfinity%

Worsened metrics

Dependency count

9

increased byInfinity%

Number of low maintenance alerts

2

increased by100%

Number of low supply chain risk alerts

6

increased by500%

Number of medium supply chain risk alerts

4

increased by300%

Dependency changes

• + Addedchalk@^1.1.1

• + Addedcommander@^2.9.0

• + Addedcross-spawn@^4.0.0

• + Addedfs-extra@^1.0.0

• + Addedhyperquest@^2.1.2

• + Addedsemver@^5.0.3

• + Addedtar-pack@^3.4.0

• + Addedtmp@0.0.31

• + Addedvalidate-npm-package-name@^3.0.0

• + Addedansi-regex@2.1.1(transitive)

• + Addedansi-styles@2.2.1(transitive)

• + Addedbalanced-match@1.0.2(transitive)

• + Addedblock-stream@0.0.9(transitive)

• + Addedbrace-expansion@1.1.11(transitive)

• + Addedbuffer-from@0.1.2(transitive)

• + Addedbuiltins@1.0.3(transitive)

• + Addedchalk@1.1.3(transitive)

• + Addedcommander@2.20.3(transitive)

• + Addedconcat-map@0.0.1(transitive)

• + Addedcore-util-is@1.0.3(transitive)

• + Addedcross-spawn@4.0.2(transitive)

• + Addeddebug@2.6.9(transitive)

• + Addedduplexer2@0.0.2(transitive)

• + Addedescape-string-regexp@1.0.5(transitive)

• + Addedfs-extra@1.0.0(transitive)

• + Addedfs.realpath@1.0.0(transitive)

• + Addedfstream@1.0.12(transitive)

• + Addedfstream-ignore@1.0.5(transitive)

• + Addedglob@7.2.3(transitive)

• + Addedgraceful-fs@4.2.11(transitive)

• + Addedhas-ansi@2.0.0(transitive)

• + Addedhyperquest@2.1.3(transitive)

• + Addedinflight@1.0.6(transitive)

• + Addedinherits@2.0.4(transitive)

• + Addedisarray@0.0.11.0.0(transitive)

• + Addedisexe@2.0.0(transitive)

• + Addedjsonfile@2.4.0(transitive)

• + Addedklaw@1.3.1(transitive)

• + Addedlru-cache@4.1.5(transitive)

• + Addedminimatch@3.1.2(transitive)

• + Addedminimist@1.2.8(transitive)

• + Addedmkdirp@0.5.6(transitive)

• + Addedms@2.0.0(transitive)

• + Addedonce@1.4.0(transitive)

• + Addedos-tmpdir@1.0.2(transitive)

• + Addedpath-is-absolute@1.0.1(transitive)

• + Addedprocess-nextick-args@2.0.1(transitive)

• + Addedpseudomap@1.0.2(transitive)

• + Addedreadable-stream@1.0.341.1.142.3.8(transitive)

• + Addedrimraf@2.7.1(transitive)

• + Addedsafe-buffer@5.1.2(transitive)

• + Addedsemver@5.7.2(transitive)

• + Addedstring_decoder@0.10.311.1.1(transitive)

• + Addedstrip-ansi@3.0.1(transitive)

• + Addedsupports-color@2.0.0(transitive)

• + Addedtar@2.2.2(transitive)

• + Addedtar-pack@3.4.1(transitive)

• + Addedthrough2@0.6.5(transitive)

• + Addedtmp@0.0.31(transitive)

• + Addeduid-number@0.0.6(transitive)

• + Addedutil-deprecate@1.0.2(transitive)

• + Addedvalidate-npm-package-name@3.0.0(transitive)

• + Addedwhich@1.3.1(transitive)

• + Addedwrappy@1.0.2(transitive)

• + Addedxtend@4.0.2(transitive)

• + Addedyallist@2.1.2(transitive)