envelope-js
Advanced tools
Comparing version 0.1.3 to 1.0.0
{ | ||
"name": "envelope-js", | ||
"description": "new private message format for ssb", | ||
"version": "0.1.3", | ||
"version": "1.0.0", | ||
"homepage": "https://github.com/ssbc/envelope-js", | ||
@@ -19,3 +19,3 @@ "repository": { | ||
"buffer-xor": "^2.0.2", | ||
"envelope-spec": "github:ssbc/envelope-spec", | ||
"envelope-spec": "^1.0.0", | ||
"futoin-hkdf": "^1.3.2", | ||
@@ -22,0 +22,0 @@ "sodium-native": "^3.2.0" |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
GitHub dependency
Supply chain riskContains a dependency which resolves to a GitHub URL. Dependencies fetched from GitHub specifiers are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.
Found 1 instance in 1 package
No v1
QualityPackage is not semver >=1. This means it is not stable and does not support ^ ranges.
Found 1 instance in 1 package
0
0
37855
+ Addedcommander@2.20.3(transitive)
+ Addeddiscontinuous-range@1.0.0(transitive)
+ Addedenvelope-spec@1.1.1(transitive)
+ Addedip@1.1.9(transitive)
+ Addedis-canonical-base64@1.1.1(transitive)
+ Addedis-valid-domain@0.0.20(transitive)
+ Addedmoo@0.5.2(transitive)
+ Addedmultiserver-address@1.0.1(transitive)
+ Addednearley@2.20.1(transitive)
+ Addedpunycode@1.4.1(transitive)
+ Addedrailroad-diagrams@1.0.0(transitive)
+ Addedrandexp@0.4.6(transitive)
+ Addedret@0.1.15(transitive)
+ Addedssb-bfe@1.1.0(transitive)
+ Addedssb-ref@2.16.0(transitive)
Updatedenvelope-spec@^1.0.0