drag-on-drop - npm Package Compare versions

Comparing version 3.3.0 to 3.3.1

index.js

@@ -0,1 +1,2 @@
+import '@babel/polyfill';
 import 'element-qsa-scope';
@@ -2,0 +3,0 @@ import dragula from 'dragula';

package.json

 {
   "name": "drag-on-drop",
-  "version": "3.3.0",
+  "version": "3.3.1",
   "description": "Accessible drag and drop list reorder",
@@ -12,3 +12,3 @@ "main": "dist/dragon-drop.js",
     "demo": "mkdir dist/demo && cp-dir ./demo ./dist/demo",
-    "deploy": "gh-pages -d dist/",
+    "deploy": "gh-pages -m 'auto commit [ci skip]' -d dist/",
     "dev": "watch-run -p 'lib/**,demo/**,index.js' npm run build",
@@ -53,2 +53,3 @@ "pre-build": "npm run clean && mkdir dist",
   "dependencies": {
+    "@babel/polyfill": "^7.0.0",
     "component-emitter": "^1.2.1",
@@ -55,0 +56,0 @@ "dom-matches": "^2.0.0",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

794454

increased by97.37%

Lines of code

10488

increased by186.24%

Worsened metrics

Dependency count

7

increased by16.67%

Number of package files

24

decreased by-4%

Number of medium supply chain risk alerts

10

increased byInfinity%

Dependency changes

• + Added@babel/polyfill@^7.0.0

• + Added@babel/polyfill@7.12.1(transitive)

• + Addedcore-js@2.6.12(transitive)

• + Addedregenerator-runtime@0.13.11(transitive)