express-security-txt - npm Package Compare versions

Comparing version 1.0.0 to 1.0.1

package.json

 {
   "name": "express-security-txt",
-  "version": "1.0.0",
+  "version": "1.0.1",
   "description": "Express middleware that implements a security.txt path and policy",
   "main": "index.js",
+  "scripts": {
+    "lint": "standard && eslint *.js",
+    "lint:fix": "standard --fix",
+    "test": "jest",
+    "test:watch": "jest --watch",
+    "coverage:view": "opn coverage/lcov-report/index.html",
+    "commit": "git-cz",
+    "docs": "yarn run docs:code && yarn run docs:api",
+    "docs:api": "doxdox *.js --layout bootstrap --output docs/index.html",
+    "docs:code": "docco *.js --output docs/code"
+  },
   "author": "Liran Tal",
-  "license": "MIT"
+  "license": "MIT",
+  "devDependencies": {
+    "commitizen": "^2.9.5",
+    "cz-conventional-changelog": "^1.2.0",
+    "docco": "^0.7.0",
+    "doxdox": "^2.0.1",
+    "eslint": "^3.19.0",
+    "eslint-plugin-import": "^2.2.0",
+    "eslint-plugin-node": "^4.2.2",
+    "eslint-plugin-security": "^1.3.0",
+    "jest": "^21.1.0",
+    "opn-cli": "^3.1.0",
+    "standard": "^10.0.2"
+  },
+  "jest": {
+    "verbose": true,
+    "notify": true,
+    "collectCoverage": true,
+    "coverageThreshold": {
+      "global": {
+        "branches": 90,
+        "functions": 90,
+        "lines": 90,
+        "statements": 90
+      }
+    }
+  },
+  "config": {
+    "commitizen": {
+      "path": "./node_modules/cz-conventional-changelog"
+    }
+  },
+  "standard": {
+    "env": [
+      "node",
+      "jest"
+    ]
+  },
+  "eslintConfig": {
+    "env": {
+      "node": true,
+      "es6": true,
+      "jest": true
+    },
+    "plugins": [
+      "node",
+      "security"
+    ],
+    "extends": [
+      "plugin:node/recommended"
+    ],
+    "rules": {
+      "node/no-unsupported-features": "off",
+      "node/no-unpublished-require": "off",
+      "security/detect-non-literal-fs-filename": "error",
+      "security/detect-unsafe-regex": "error",
+      "security/detect-buffer-noassert": "error",
+      "security/detect-child-process": "error",
+      "security/detect-disable-mustache-escape": "error",
+      "security/detect-eval-with-expression": "error",
+      "security/detect-no-csrf-before-method-override": "error",
+      "security/detect-non-literal-regexp": "error",
+      "security/detect-non-literal-require": "error",
+      "security/detect-object-injection": "error",
+      "security/detect-possible-timing-attacks": "error",
+      "security/detect-pseudoRandomBytes": "error"
+    },
+    "parserOptions": {
+      "ecmaFeatures": {
+        "impliedStrict": true
+      }
+    }
+  }
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Empty package

Supply chain risk

Package does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.

Found 1 instance in 1 package

No README

Quality

Package does not have a README. This may indicate a failed publish or a low quality package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

152118

increased by71653.77%

Number of package files

10

increased by900%

Lines of code

272

increased byInfinity%

Number of medium quality alerts

1

decreased by-50%

Number of lines in readme file

65

increased byInfinity%

Worsened metrics

Dev dependency count

11

increased byInfinity%

No dependency changes