domify - npm Package Compare versions

Comparing version 1.2.1 to 1.2.2

component.json

 {
   "name": "domify",
-  "version": "1.2.1",
+  "version": "1.2.2",
   "description": "turn HTML into DOM elements",
-  "scripts": ["index.js"],
   "development": {
@@ -7,0 +6,0 @@ "component/assert": "*"

History.md

 
+1.2.2 / 2014-02-10
+==================
+
+  * package: rename to "component-domify"
+  * package: update "main" and "component" fields
+  * package: use 2 space tabs
+  * component: remove redundant "scripts" array entry
+
 1.2.1 / 2014-01-30
@@ -3,0 +11,0 @@ ==================

package.json

 {
-    "name": "domify",
-    "version": "1.2.1",
-    "description": "turn HTML into DOM elements",
-    "keywords": [
-        "dom",
-        "html",
-        "client",
-        "browser",
-        "component"
-    ],
-    "author": "TJ Holowaychuk <tj@vision-media.ca>",
-    "dependencies": {},
-    "component": {
-        "scripts": {
-            "domify": "index.js"
-        }
-    },
-    "main": "index",
-    "repository": {
-        "type": "git",
-        "url": "https://github.com/component/domify.git"
+  "name": "domify",
+  "version": "1.2.2",
+  "description": "turn HTML into DOM elements",
+  "keywords": [
+    "dom",
+    "html",
+    "client",
+    "browser",
+    "component"
+  ],
+  "author": "TJ Holowaychuk <tj@vision-media.ca>",
+  "dependencies": {},
+  "component": {
+    "scripts": {
+      "domify/index.js": "index.js"
     }
+  },
+  "main": "index.js",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/component/domify.git"
+  }
 }

New alerts

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Fixed alerts

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Improved metrics

Number of low supply chain risk alerts

0

decreased by-100%

Number of medium supply chain risk alerts

2

decreased by-71.43%

Worsened metrics

Total package byte prevSize

4282

decreased by-85.26%

Number of package files

8

decreased by-52.94%

Lines of code

88

decreased by-92.26%

No dependency changes