elm - npm Package Compare versions

Comparing version 0.0.0 to 0.15.1-alpha

package.json

 {
   "name": "elm",
-  "version": "0.0.0",
-  "description": "reserving this name for a time when you can install the compiler through npm",
-  "main": "index.js",
-  "scripts": {
-    "test": "echo \"Error: no test specified\" && exit 1"
-  },
+  "version": "0.15.1-alpha",
+  "description": "The Elm Platform: Binaries for the Elm programming language.",
+  "preferGlobal": true,
+  "license": "BSD-3-Clause",
   "repository": {
     "type": "git",
-    "url": "https://github.com/elm-lang/Elm.git"
+    "url": "https://github.com/elm-lang/elm-platform"
   },
+  "bugs": "https://github.com/elm-lang/elm-platform/issues",
+  "author": {
+    "name": "Richard Feldman",
+    "email": "richard.t.feldman@gmail.com",
+    "url": "https://github.com/rtfeldman"
+  },
+  "engines": {
+    "node": ">=0.10.0"
+  },
+  "main": "./index.js",
+  "scripts": {
+    "install": "node install.js",
+    "prepublish": "node prepublish.js",
+    "build-from-source": "node buildFromSource.js"
+  },
+  "files": [
+    "BuildFromSource.hs",
+    "install.js",
+    "platform.js",
+    "buildFromSource.js",
+    "binaries.json",
+    "binwrap.js",
+    "binwrappers"
+  ],
   "keywords": [
-    "Elm"
+    "bin",
+    "binary",
+    "binaries",
+    "elm",
+    "elm-make",
+    "elm-package",
+    "elm-platform",
+    "elm-reactor",
+    "elm-repl",
+    "platform"
   ],
-  "author": "Evan Czaplicki <info@elm-lang.org> (http://elm-lang.org/)",
-  "license": "BSD3"
+  "bin": {
+    "elm": "binwrappers/elm",
+    "elm-make": "binwrappers/elm-make",
+    "elm-package": "binwrappers/elm-package",
+    "elm-reactor": "binwrappers/elm-reactor",
+    "elm-repl": "binwrappers/elm-repl"
+  },
+  "dependencies": {
+    "follow-redirects": "0.0.7",
+    "mkdirp": "0.5.1",
+    "promise": "7.0.4",
+    "tar": "2.2.1"
+  }
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Install scripts

Supply chain risk

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Found 1 instance in 1 package

Deprecated

Maintenance

The maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Deprecated

Maintenance

The maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed.

Found 1 instance in 1 package

Empty package

Supply chain risk

Package does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.

Found 1 instance in 1 package

Misc. License Issues

License

(Experimental) A package's licensing information has fine-grained problems.

Found 1 instance in 1 package

No README

Quality

Package does not have a README. This may indicate a failed publish or a low quality package.

Found 1 instance in 1 package

No bug tracker

Maintenance

Package does not have a linked bug tracker in package.json.

Found 1 instance in 1 package

No License Found

License

(Experimental) License information could not be found.

Found 1 instance in 1 package

No tests

Quality

Package does not have any tests. This is a strong signal of a poorly maintained or low quality package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

13208

increased by2802.86%

Number of package files

13

increased by1200%

Number of low license alerts

0

decreased by-100%

Number of medium license alerts

0

decreased by-100%

Lines of code

150

increased byInfinity%

Number of low quality alerts

2

decreased by-33.33%

Number of medium quality alerts

0

decreased by-100%

Number of lines in readme file

13

increased byInfinity%

Worsened metrics

Dependency count

4

increased byInfinity%

Number of high supply chain risk alerts

1

increased byInfinity%

Number of low supply chain risk alerts

6

increased byInfinity%

Number of medium supply chain risk alerts

5

increased by400%

Dependency changes

• + Addedfollow-redirects@0.0.7

• + Addedmkdirp@0.5.1

• + Addedpromise@7.0.4

• + Addedtar@2.2.1

• + Addedasap@2.0.6(transitive)

• + Addedbalanced-match@1.0.2(transitive)

• + Addedblock-stream@0.0.9(transitive)

• + Addedbrace-expansion@1.1.11(transitive)

• + Addedconcat-map@0.0.1(transitive)

• + Addeddebug@2.6.9(transitive)

• + Addedfollow-redirects@0.0.7(transitive)

• + Addedfs.realpath@1.0.0(transitive)

• + Addedfstream@1.0.12(transitive)

• + Addedglob@7.2.3(transitive)

• + Addedgraceful-fs@4.2.11(transitive)

• + Addedinflight@1.0.6(transitive)

• + Addedinherits@2.0.4(transitive)

• + Addedminimatch@3.1.2(transitive)

• + Addedminimist@0.0.8(transitive)

• + Addedmkdirp@0.5.1(transitive)

• + Addedms@2.0.0(transitive)

• + Addedonce@1.4.0(transitive)

• + Addedpath-is-absolute@1.0.1(transitive)

• + Addedpromise@7.0.4(transitive)

• + Addedrimraf@2.7.1(transitive)

• + Addedstream-consume@0.1.1(transitive)

• + Addedtar@2.2.1(transitive)

• + Addedwrappy@1.0.2(transitive)