defs - npm Package Compare versions

Comparing version 1.0.1 to 1.1.0

defs/build/es5/defs-cmd.js

@@ -7,3 +7,3 @@ "use strict";
 var defs = require("./defs-main");
-var version = "1.0.1";
+var version = "1.1.0";
 var yargs = require("yargs")
@@ -10,0 +10,0 @@ .options("config", {});

defs/build/es5/options.js

@@ -7,3 +7,3 @@ // default configuration
     disallowUnknownReferences: true,
-    parse: require("esprima").parse,
+    parse: require("esprima-fb").parse,
 };

defs/CHANGES.md

@@ -0,1 +1,4 @@
+## v1.1.0 2014-11-28
+ * Use esprima-fb instead of upstream Esprima harmony branch
+
 ## v1.0.1 2014-10-09
@@ -2,0 +5,0 @@ * Bump yargs dependency to get rid of transitive ^ dependencies

defs/options.js

@@ -7,3 +7,3 @@ // default configuration
     disallowUnknownReferences: true,
-    parse: require("esprima").parse,
+    parse: require("esprima-fb").parse,
 };

defs/package.json

 {
   "name": "defs",
-  "version": "1.0.1",
+  "version": "1.1.0",
   "description": "Static scope analysis and transpilation of ES6 block scoped const and let variables, to ES3.",
@@ -14,3 +14,3 @@ "main": "build/es5/defs-main.js",
     "breakable": "~1.0.0",
-    "esprima": "git://github.com/ariya/esprima.git#harmony",
+    "esprima-fb": "~8001.1001.0-dev-harmony-fb",
     "simple-fmt": "~0.1.0",
@@ -17,0 +17,0 @@ "simple-is": "~0.2.0",

Fixed alerts

Git dependency

Supply chain risk

Contains a dependency which resolves to a remote git URL. Dependencies fetched from git URLs are not immutable and can be used to inject untrusted code or reduce the likelihood of a reproducible install.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

124682

increased by0.07%

Number of package files

81

increased by1.25%

Number of high supply chain risk alerts

0

decreased by-100%

Number of medium supply chain risk alerts

2

decreased by-33.33%

Dependency changes

• + Addedesprima-fb@~8001.1001.0-dev-harmony-fb

• + Addedesprima-fb@8001.1001.0-dev-harmony-fb(transitive)

• - Removedesprima@git://github.com/ariya/esprima.git#harmony