express-jwt - npm Package Compare versions

Comparing version 6.1.0 to 6.1.1

lib/index.js

@@ -5,3 +5,3 @@ var jwt = require('jsonwebtoken');
 var async = require('async');
-var set = require('lodash.set');
+var set = require('lodash/set');
 
@@ -8,0 +8,0 @@ var DEFAULT_REVOKED_FUNCTION = function(_, __, cb) { return cb(null, false); };

package.json

 {
   "name": "express-jwt",
-  "version": "6.1.0",
+  "version": "6.1.1",
   "description": "JWT authentication middleware.",
@@ -35,3 +35,3 @@ "keywords": [
     "jsonwebtoken": "^8.1.0",
-    "lodash.set": "^4.0.0"
+    "lodash": "^4.17.21"
   },
@@ -38,0 +38,0 @@ "devDependencies": {

README.md

@@ -99,3 +99,3 @@ # express-jwt
 
-Both `resultProperty` and `requestProperty` utilize [lodash.set](https://lodash.com/docs/4.17.2#set) and will accept nested property paths.
+Both `resultProperty` and `requestProperty` utilize [lodash.set](https://lodash.com/docs/4.17.15#set) and will accept nested property paths.
 
@@ -102,0 +102,0 @@ ### Customizing Token Location

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Improved metrics

Number of medium supply chain risk alerts

0

decreased by-100%

Worsened metrics

Total package byte prevSize

45614

Dependency changes

• + Addedlodash@^4.17.21

• + Addedlodash@4.17.21(transitive)

• - Removedlodash.set@^4.0.0

• - Removedlodash.set@4.3.2(transitive)