dirty-ts - npm Package Compare versions

Comparing version 1.1.3 to 1.1.4

package.json

 {
   "name": "dirty-ts",
   "description": "A tiny & fast key value store with append-only disk log. Ideal for apps with < 1 million records. Now with type declarations",
-  "version": "1.1.3",
-  "repository": "https://github.com/felixge/node-dirty.git",
+  "version": "1.1.4",
+  "repository": "https://github.com/ether/dirty_db.git",
   "license": "MIT",
@@ -21,5 +21,5 @@ "dependencies": {
     "eslint-plugin-you-dont-need-lodash-underscore": "^6.12.0",
-    "mocha": "^9.1.1",
     "rimraf": "^3.0.2",
-    "typescript": "^5.2.2"
+    "typescript": "^5.2.2",
+    "vitest": "^0.34.6"
   },
@@ -26,0 +26,0 @@ "engines": {

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

No README

Quality

Package does not have a README. This may indicate a failed publish or a low quality package.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

No repository

Supply chain risk

Package does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Empty package

Supply chain risk

Package does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.

Found 1 instance in 1 package

No repository

Supply chain risk

Package does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

21696

increased by26.72%

Number of package files

9

increased by125%

Lines of code

266

increased byInfinity%

Worsened metrics

Number of medium quality alerts

2

increased by100%

Number of lines in readme file

0

decreased by-100%

Number of low supply chain risk alerts

2

increased by100%

No dependency changes