custom-fonts-in-emails - npm Package Compare versions

Comparing version 1.0.0 to 1.0.1

package.json

 {
   "name": "custom-fonts-in-emails",
-  "description":
-    "An extremely easy way to use custom fonts in emails without having to use art software. This package was built for @CrocodileJS.",
-  "version": "1.0.0",
+  "description": "An extremely easy way to use custom fonts in emails without having to use art software. This package was built for @CrocodileJS.",
+  "version": "1.0.1",
   "author": "Nick Baugh <niftylettuce@gmail.com>",
@@ -10,7 +9,12 @@ "bugs": "https://github.com/crocodilejs/custom-fonts-in-emails/issues",
     "extends": "prettier",
-    "plugins": ["prettier", "mocha"],
+    "plugins": [
+      "prettier",
+      "mocha"
+    ],
     "parserOptions": {
       "sourceType": "script"
     },
-    "envs": ["mocha"],
+    "envs": [
+      "mocha"
+    ],
     "rules": {
@@ -32,4 +36,10 @@ "prettier/prettier": [
       ],
-      "max-params": ["error", 5],
-      "complexity": ["error", 24],
+      "max-params": [
+        "error",
+        5
+      ],
+      "complexity": [
+        "error",
+        24
+      ],
       "capitalized-comments": "off",
@@ -47,3 +57,3 @@ "camelcase": "off",
     "lodash": "^4.16.4",
-    "os-fonts": "niftylettuce/os-fonts",
+    "os-fonts": "^0.4.1",
     "sharp": "^0.18.2",
@@ -50,0 +60,0 @@ "text-to-svg": "^3.0.1",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

GitHub dependency

Supply chain risk

Contains a dependency which resolves to a GitHub URL. Dependencies fetched from GitHub specifiers are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Manifest confusion

Supply chain risk

This package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

510758

increased by0.01%

Number of high supply chain risk alerts

0

decreased by-100%

Number of medium supply chain risk alerts

0

decreased by-100%

Dependency changes

• + Addedbalanced-match@1.0.2(transitive)

• + Addedbrace-expansion@1.1.11(transitive)

• + Addedconcat-map@0.0.1(transitive)

• + Addedminimatch@3.1.2(transitive)

• + Addedos-fonts@0.4.1(transitive)

• + Addedrecursive-readdir@2.2.3(transitive)

• + Addedrecursive-readdir-sync@1.0.6(transitive)

• Updatedos-fonts@^0.4.1