create-vitex - npm Package Compare versions

Comparing version 0.2.0 to 0.3.0

package.json

 {
   "name": "create-vitex",
-  "version": "0.2.0",
+  "version": "0.3.0",
+  "description": "Start an opinioned vite project",
   "type": "module",
-  "main": "lib/index.mjs",
-  "keywords": [
-    "model",
-    "sql",
-    "mvc",
-    "postgres",
-    "pg",
-    "postgresql"
+  "bin": {
+    "create": "outfile.cjs"
+  },
+  "files": [
+    ".env",
+    "locales",
+    "outfile.cjs",
+    "template"
   ],
   "scripts": {
-    "dev": "vite",
-    "build": "vite build",
-    "preview": "vite preview",
-    "test": "vitest",
-    "build-only": "vite build",
-    "type-check": "vue-tsc --build --force",
-    "lint": "eslint . --ext .vue,.js,.jsx,.cjs,.mjs,.ts,.tsx,.cts,.mts --fix --ignore-path .gitignore",
     "prerc": "npm --no-git-tag-version version minor",
-    "rc": "npm run push",
+    "rc": "yarn push",
     "commit": "git add . && git commit -am ",
-    "c": "npm run commit",
-    "g": "npm run commit",
-    "postg": "npm run postpush",
-    "push": "npm run commit",
+    "c": "yarn commit",
+    "g": "yarn push",
+    "push": "yarn commit",
     "_push": "git push origin",
     "_pull": "git pull origin",
-    "postpush": "uname -s | grep -q Darwin && npm run _push || while true; do timeout 15 npm run _push && break; done",
-    "pull": "uname -s | grep -q Darwin && npm run _pull || while true; do timeout 15 npm run _pull && break; done"
+    "postpush": "uname -s | grep -q Darwin && yarn _push || while true; do timeout 10 yarn _push && break; done",
+    "pull": "uname -s | grep -q Darwin && yarn _pull || while true; do timeout 10 yarn _pull && break; done",
+    "lab": "pnpm build && ./outfile.cjs",
+    "format": "prettier --write .",
+    "build": "zx ./scripts/build.mjs",
+    "snapshot": "zx ./scripts/snapshot.mjs",
+    "pretest": "run-s build snapshot",
+    "test": "zx ./scripts/test.mjs",
+    "prepublishOnly": "pnpm build",
+    "prepublishOnly2": "zx ./scripts/prepublish.mjs"
   },
   "repository": {
     "type": "git",
-    "url": "git+https://github.com/xiangnanscu/model.git"
+    "url": "git+https://github.com/xnscu/create.git"
   },
-  "author": "Nan Xiang",
+  "keywords": [],
+  "author": "Nan Xiang <xnscu@gmail.com>",
   "license": "MIT",
   "bugs": {
-    "url": "https://github.com/xiangnanscu/model/issues"
+    "url": "https://github.com/xnscu/create/issues"
   },
-  "homepage": "https://github.com/xiangnanscu/model#readme",
+  "homepage": "https://github.com/xnscu/create#readme",
   "devDependencies": {
-    "@highlightjs/vue-plugin": "^2.1.0",
-    "@rushstack/eslint-patch": "^1.3.3",
     "@tsconfig/node20": "^20.1.2",
-    "@types/jsdom": "^21.1.6",
-    "@types/node": "^20.11.10",
-    "@vitejs/plugin-vue": "^5.0.3",
-    "@vitejs/plugin-vue-jsx": "^3.1.0",
-    "@vue/eslint-config-prettier": "^8.0.0",
-    "@vue/eslint-config-typescript": "^12.0.0",
-    "@vue/test-utils": "^2.4.4",
+    "@types/eslint": "^8.56.2",
+    "@types/node": "^20.11.16",
+    "@types/prompts": "^2.4.9",
+    "@vue/create-eslint-config": "^0.3.2",
     "@vue/tsconfig": "^0.5.1",
-    "@vueuse/core": "^10.11.0",
-    "@vueuse/integrations": "^10.11.0",
-    "dotenv": "^16.4.5",
-    "eslint": "^8.49.0",
-    "eslint-plugin-vue": "^9.17.0",
-    "highlight.js": "^11.10.0",
-    "jsdom": "^24.0.0",
-    "npm-run-all2": "^6.1.1",
-    "postgres": "^3.4.4",
-    "prettier": "^3.0.3",
-    "sql-formatter": "^15.3.2",
-    "typescript": "~5.3.0",
-    "universal-cookie": "^6",
-    "unplugin-auto-import": "^0.17.6",
-    "unplugin-vue-components": "^0.27.0",
-    "unplugin-vue-router": "^0.10.0",
-    "vite": "^5.0.11",
-    "vite-plugin-node-polyfills": "^0.22.0",
-    "vitest": "^1.2.2",
-    "vue": "^3.4.15",
-    "vue-router": "^4.2.5",
-    "vue-tsc": "^1.8.27"
+    "ejs": "^3.1.9",
+    "esbuild": "^0.18.20",
+    "esbuild-plugin-license": "^1.2.2",
+    "gradient-string": "^2.0.2",
+    "kolorist": "^1.8.0",
+    "lint-staged": "^15.2.1",
+    "minimist": "^1.2.8",
+    "npm-run-all2": "^6.1.2",
+    "prettier": "^3.2.5",
+    "prompts": "^2.4.2",
+    "zx": "^7.2.3"
   }
 }

New alerts

Install scripts

Supply chain risk

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 2 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

No bug tracker

Maintenance

Package does not have a linked bug tracker in package.json.

Found 1 instance in 1 package

No website

Quality

Package does not have a website.

Found 1 instance in 1 package

Unidentified License

License

(Experimental) Something that seems like a license was found, but its contents could not be matched with a known license.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

412365

increased by301.53%

Dev dependency count

17

decreased by-48.48%

Number of package files

39

increased by14.71%

Lines of code

5526

increased by250.86%

Worsened metrics

Number of low license alerts

1

increased byInfinity%

License quality

80

decreased by-20%

Number of low maintenance alerts

1

increased byInfinity%

Number of low quality alerts

2

increased by100%

Number of high supply chain risk alerts

1

increased byInfinity%

Number of low supply chain risk alerts

6

increased byInfinity%

Number of medium supply chain risk alerts

4

increased byInfinity%

No dependency changes