Comparing version 0.12.0 to 0.12.1
@@ -0,1 +1,5 @@ | ||
0.12.1 — 2016-09-15 | ||
- Update npm dependencies, including request, to fix vulnerability (#89) | ||
0.12.0 — 2016-03-31 | ||
@@ -2,0 +6,0 @@ |
{ | ||
"name": "ddp", | ||
"version": "0.12.0", | ||
"version": "0.12.1", | ||
"description": "Node.js module to connect to servers using DDP protocol.", | ||
@@ -30,8 +30,8 @@ "author": "Tom Coleman <tom@thesnail.org> (http://tom.thesnail.org)", | ||
"faye-websocket": "0.11.0", | ||
"request": "2.69.x" | ||
"request": "2.74.x" | ||
}, | ||
"devDependencies": { | ||
"mocha": "~2.4.5", | ||
"sinon": "~1.17.3", | ||
"rewire": "~2.5.1" | ||
"mocha": "~3.0.2", | ||
"sinon": "~1.17.5", | ||
"rewire": "~2.5.2" | ||
}, | ||
@@ -38,0 +38,0 @@ "scripts": { |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
50469
782
0
+ Addedbl@1.1.2(transitive)
+ Addedpunycode@1.4.1(transitive)
+ Addedqs@6.2.4(transitive)
+ Addedrequest@2.74.0(transitive)
+ Addedtough-cookie@2.3.4(transitive)
- Removedbl@1.0.3(transitive)
- Removedqs@6.0.4(transitive)
- Removedrequest@2.69.0(transitive)
- Removedtough-cookie@2.2.2(transitive)
Updatedrequest@2.74.x