envelope-js
Advanced tools
envelope-js - npm Package Compare versions
Comparing version 0.1.3 to 1.0.0
| { | ||
| "name": "envelope-js", | ||
| "description": "new private message format for ssb", | ||
| "version": "0.1.3", | ||
| "version": "1.0.0", | ||
| "homepage": "https://github.com/ssbc/envelope-js", | ||
@@ -19,3 +19,3 @@ "repository": { | ||
| "buffer-xor": "^2.0.2", | ||
| "envelope-spec": "github:ssbc/envelope-spec", | ||
| "envelope-spec": "^1.0.0", | ||
| "futoin-hkdf": "^1.3.2", | ||
@@ -22,0 +22,0 @@ "sodium-native": "^3.2.0" |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
GitHub dependency
Supply chain riskContains a dependency which resolves to a GitHub URL. Dependencies fetched from GitHub specifiers are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.
Found 1 instance in 1 package
No v1
QualityPackage is not semver >=1. This means it is not stable and does not support ^ ranges.
Found 1 instance in 1 package
Improved metrics
- Number of low quality alerts
- decreased by-100%
0
- Number of high supply chain risk alerts
- decreased by-100%
0
Worsened metrics
- Total package byte prevSize
- decreased by-0.05%
37855
Dependency changes
+ Addedcommander@2.20.3(transitive)
+ Addeddiscontinuous-range@1.0.0(transitive)
+ Addedenvelope-spec@1.1.1(transitive)
+ Addedip@1.1.9(transitive)
+ Addedis-canonical-base64@1.1.1(transitive)
+ Addedis-valid-domain@0.0.20(transitive)
+ Addedmoo@0.5.2(transitive)
+ Addedmultiserver-address@1.0.1(transitive)
+ Addednearley@2.20.1(transitive)
+ Addedpunycode@1.4.1(transitive)
+ Addedrailroad-diagrams@1.0.0(transitive)
+ Addedrandexp@0.4.6(transitive)
+ Addedret@0.1.15(transitive)
+ Addedssb-bfe@1.1.0(transitive)
+ Addedssb-ref@2.16.0(transitive)
Updatedenvelope-spec@^1.0.0