deepai - npm Package Compare versions

Comparing version 0.0.1 to 0.0.2

package.json

 {
   "name": "deepai",
-  "version": "0.0.1",
+  "version": "0.0.2",
+  "license": "BSD-2-Clause",
   "repository": {
@@ -8,3 +9,30 @@ "type": "git",
   },
-  "homepage": "https://github.com/deepai-org/deepai-js-client"
+  "homepage": "https://github.com/deepai-org/deepai-js-client",
+  "dependencies": {},
+  "devDependencies": {
+    "babel-core": "^6.26.3",
+    "babel-loader": "^6.2.2",
+    "babel-plugin-transform-async-to-generator": "^6.5.0",
+    "babel-polyfill": "^6.5.0",
+    "babel-preset-es2015": "^6.5.0",
+    "es6-promise": "^4.2.4",
+    "grunt": "^1.0.2",
+    "grunt-banner": "^0.6.0",
+    "grunt-cli": "^1.2.0",
+    "grunt-contrib-clean": "^1.1.0",
+    "grunt-contrib-watch": "^1.0.0",
+    "grunt-eslint": "^20.1.0",
+    "grunt-webpack": "^1.0.18",
+    "load-grunt-tasks": "^3.5.2",
+    "webpack": "^1.13.1",
+    "webpack-dev-server": "^1.14.1",
+    "axios": "0.18.0",
+    "form-data": "2.3.3"
+  },
+  "scripts": {
+    "build": "NODE_ENV=production grunt build",
+    "version": "npm run build && grunt version && git add -A dist && git package.json",
+    "postversion": "git push && git push --tags",
+    "fix": "eslint --fix lib/**/*.js"
+  }
 }

README.md

@@ -6,1 +6,9 @@ # DeepAI JS Client
 
+
+
+## Build this library (not required for users of this libary): 
+
+```bash
+npm install
+npm run-script build
+```

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Native code

Supply chain risk

Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Empty package

Supply chain risk

Package does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

2365484

increased by142141.97%

Number of package files

17

increased by466.67%

Lines of code

12433

increased byInfinity%

Number of lines in readme file

14

increased by133.33%

Worsened metrics

Dev dependency count

18

increased byInfinity%

Number of low supply chain risk alerts

1

increased byInfinity%

Number of medium supply chain risk alerts

3

increased by200%

No dependency changes