echo-best - npm Package Compare versions

Comparing version 0.0.1 to 1.0.0

examples/node/analyzeBuffer.js

@@ -1,4 +0,6 @@
-require('../common/analyzeBuffer')(function(err, res){
+console.log('Uploading track to the Echo Nest for analysis...');
+
+require('../shared/analyzeBuffer')(function(err, res){
     if (err){ throw err; }
     console.log(res);
 });

examples/node/analyzeHex.js

@@ -1,4 +0,6 @@
-require('../common/analyzeHex')(function(err, res){
+console.log('Uploading track to the Echo Nest for analysis...');
+
+require('../shared/analyzeHex')(function(err, res){
     if (err){ throw err; }
     console.log(res);
 });

examples/node/getSongInfo.js

@@ -1,4 +0,6 @@
-require('../common/getSongInfo')(function(err, res){
+console.log('Getting song info from the Echo Nest...');
+
+require('../shared/getSongInfo')(function(err, res){
     if (err){ throw err; }
     console.log(res);
 });

lib/echoBest.js

@@ -23,3 +23,6 @@ (function (root, factory) {
             return function(path, opt, cb) {
-                if (!_.isString(path)){
+                if (!_.isFunction(cb)){
+                    throw new TypeError('Third argument: Callback must be a function');
+                }
+                else if (!_.isString(path)){
                     cb(new TypeError('First argument: Path must be a string'));
@@ -30,5 +33,2 @@ }
                 }
-                else if (!_.isFunction(cb)){
-                    cb(new TypeError('Third argument: Callback must be a function'));
-                }
                 else{
@@ -35,0 +35,0 @@ if (_.contains(path, 'upload')){

package.json

 {
   "name": "echo-best",
-  "version": "0.0.1",
+  "version": "1.0.0",
   "description": "The Echo Nest JavaScript API for RequireJS, Node, and browsers",
@@ -36,2 +36,2 @@ "main": "lib/echoBest.js",
   "license": "MIT"
-}
+}

readme.md

@@ -25,10 +25,10 @@ # Why Another JavaScript API
 # Examples
-Before running any of the examples, the dependencies must be downloaded
+Before running any of the examples, the dependencies must be downloaded:
 ```
-cd examples/common && npm install
+cd examples/shared && npm install
 ```
-[Browser Examples](placeholder)
+[Browser Examples](https://github.com/mjhasbach/echo-best/tree/master/examples/browser)
 
-[RequireJS Examples](placeholder)
+[RequireJS Examples](https://github.com/mjhasbach/echo-best/tree/master/examples/requirejs)
 
-[Node Examples](placeholder)
+[Node Examples](https://github.com/mjhasbach/echo-best/tree/master/examples/node)

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Native code

Supply chain risk

Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.

Found 1 instance in 1 package

Network access

Supply chain risk

This module accesses the network.

Found 3 instances in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 5 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Mixed license

License

(Experimental) Package contains multiple licenses.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Improved metrics

Number of low license alerts

0

decreased by-100%

Number of low quality alerts

1

decreased by-50%

Number of low supply chain risk alerts

2

decreased by-95.92%

Number of medium supply chain risk alerts

1

decreased by-96%

Worsened metrics

Total package byte prevSize

16200

decreased by-98.72%

Number of package files

19

decreased by-93.73%

Lines of code

294

decreased by-98.95%

No dependency changes