encodr - npm Package Compare versions

Comparing version 1.2.5 to 1.3.0

Gruntfile.js

@@ -62,3 +62,2 @@ /*
                         } ],
-                        "aliasify",
                         [ "uglifyify", { sourceMap: false, global: true } ]
@@ -87,3 +86,3 @@ ],
                             "targets": {
-                                "node": "8.0.0"
+                                "node": "12.0.0"
                             }
@@ -90,0 +89,0 @@ } ]

package.json

 {
     "name":        "encodr",
-    "version":     "1.2.5",
+    "version":     "1.3.0",
     "description": "Encoding/Decoding to/from JSON/CBOR/MsgPack",
@@ -20,30 +20,25 @@ "keywords":    [ "encode", "decode", "codec", "json", "cbor", "msgpack" ],
     "bugs":     "https://github.com/rse/encodr/issues",
-    "aliasify": {
-        "aliases": {
-            "cbor":                       "cbor-js"
-        }
-    },
     "dependencies": {
         "msgpack-lite":                    "0.1.26",
-        "cbor":                            "5.2.0",
-        "cbor-js":                         "0.1.0",
-        "utf8":                            "3.0.0"
+        "cbor":                            "7.0.5",
+        "utf8":                            "3.0.0",
+        "bignumber.js":                    "9.0.1",
+        "node-inspect-extracted":          "1.0.7"
     },
     "devDependencies": {
-        "grunt":                           "1.3.0",
-        "grunt-cli":                       "1.3.2",
+        "grunt":                           "1.4.1",
+        "grunt-cli":                       "1.4.3",
         "grunt-contrib-clean":             "2.0.0",
         "grunt-eslint":                    "23.0.0",
         "grunt-babel":                     "8.0.0",
-        "grunt-browserify":                "5.3.0",
+        "grunt-browserify":                "6.0.0",
         "grunt-mocha-test":                "0.13.3",
         "browserify":                      "17.0.0",
-        "aliasify":                        "2.1.0",
         "babelify":                        "10.0.0",
-        "@babel/core":                     "7.12.10",
-        "@babel/preset-env":               "7.12.11",
-        "@babel/register":                 "7.12.10",
+        "@babel/core":                     "7.14.3",
+        "@babel/preset-env":               "7.14.2",
+        "@babel/register":                 "7.13.16",
         "babel-eslint":                    "10.1.0",
-        "mocha":                           "8.2.1",
-        "chai":                            "4.2.0",
+        "mocha":                           "8.4.0",
+        "chai":                            "4.3.4",
         "chai-deep-match":                 "1.2.1",
@@ -53,10 +48,10 @@ "uglifyify":                       "5.0.2",
         "browserify-derequire":            "1.1.1",
-        "eslint":                          "7.17.0",
-        "eslint-config-standard":          "16.0.2",
+        "eslint":                          "7.27.0",
+        "eslint-config-standard":          "16.0.3",
         "eslint-plugin-promise":           "4.2.1",
-        "eslint-plugin-import":            "2.22.1",
+        "eslint-plugin-import":            "2.23.3",
         "eslint-plugin-node":              "11.1.0"
     },
     "engines": {
-        "node":                            ">=8.0.0"
+        "node":                            ">=12.0.0"
     },
@@ -63,0 +58,0 @@ "scripts": {

smp/Gruntfile.js

@@ -21,6 +21,7 @@
                             ]
-                        } ]
+                        } ],
+                        [ "uglifyify", { sourceMap: false, global: true } ]
                     ],
                     browserifyOptions: {
-                        standalone: "ClientBrowser",
+                        standalone: "Sample",
                         debug: false
@@ -27,0 +28,0 @@ }

smp/package.json

@@ -6,3 +6,4 @@ {
     "dependencies": {
-        "@babel/core":                     "7.12.10"
+        "@babel/core":                     "7.12.10",
+        "encodr":                          ".."
     },
@@ -16,2 +17,3 @@ "devDependencies": {
         "babelify":                        "10.0.0",
+        "uglifyify":                       "5.0.2",
         "@babel/preset-env":               "7.12.11",
@@ -18,0 +20,0 @@ "chai":                            "4.2.0",

smp/sample.js

 
-const Encodr        = require("..")
+const Encodr        = require("encodr")
 
@@ -4,0 +4,0 @@ const chai          = require("chai")

New alerts

Uses eval

Supply chain risk

Package uses eval() which is a dangerous function. This prevents the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 2 instances in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

304780

increased by210.83%

Dev dependency count

24

decreased by-4%

Lines of code

1621

increased by114.99%

Worsened metrics

Dependency count

5

increased by25%

Number of low supply chain risk alerts

5

increased by66.67%

Number of medium supply chain risk alerts

5

increased by400%

Dependency changes

• + Addedbignumber.js@9.0.1

• + Addednode-inspect-extracted@1.0.7

• + Added@cto.af/textdecoder@0.0.0(transitive)

• + Addedbignumber.js@9.0.1(transitive)

• + Addedcbor@7.0.5(transitive)

• + Addednode-inspect-extracted@1.0.7(transitive)

• + Addednofilter@2.0.3(transitive)

• - Removedcbor-js@0.1.0

• - Removedbignumber.js@9.1.2(transitive)

• - Removedcbor@5.2.0(transitive)

• - Removedcbor-js@0.1.0(transitive)

• - Removednofilter@1.0.4(transitive)

• Updatedcbor@7.0.5