ezpz - npm Package Compare versions

Comparing version 0.0.1 to 1.0.0

package.json

 {
   "name": "ezpz",
-  "version": "0.0.1",
-  "description": "Easy build system",
-  "main": "index.js",
+  "version": "1.0.0",
+  "description": "stylesheet helper",
+  "main": "build/bundle.js",
   "scripts": {
-    "test": "echo \"Error: no test specified\" && exit 1"
+    "build": "node scripts/build.js",
+    "test": "jest",
+    "coveralls": "cat ./coverage/lcov.info | ./node_modules/coveralls/bin/coveralls.js"
   },
-  "author": "Bill Columbia",
-  "license": "MIT"
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/lazopm/peitho"
+  },
+  "author": "Pablo Lazo <lazopm@gmail.com> (lazopm.com)",
+  "license": "ISC",
+  "devDependencies": {
+    "babel-cli": "^6.24.1",
+    "babel-plugin-external-helpers": "^6.22.0",
+    "babel-preset-env": "^1.5.1",
+    "babel-preset-stage-3": "^6.24.1",
+    "coveralls": "^2.13.1",
+    "jest": "^20.0.4",
+    "rollup": "^0.41.6",
+    "rollup-plugin-babel": "^2.7.1",
+    "rollup-plugin-commonjs": "^8.0.2",
+    "rollup-plugin-node-resolve": "^3.0.0",
+    "rollup-plugin-uglify": "^2.0.1",
+    "uglify-es": "^3.0.15"
+  },
+  "jest": {
+    "verbose": true,
+    "collectCoverage": true,
+    "collectCoverageFrom": [
+      "src/**/*.js"
+    ],
+    "coveragePathIgnorePatterns": [
+      "src/main.js"
+    ]
+  },
+  "dependencies": {
+    "lodash.memoize": "^4.1.2"
+  }
 }

New alerts

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

Empty package

Supply chain risk

Package does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.

Found 1 instance in 1 package

No README

Quality

Package does not have a README. This may indicate a failed publish or a low quality package.

Found 1 instance in 1 package

No repository

Supply chain risk

Package does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.

Found 1 instance in 1 package

No tests

Quality

Package does not have any tests. This is a strong signal of a poorly maintained or low quality package.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

122168

increased by53016.52%

Number of package files

24

increased by2300%

Lines of code

420

increased byInfinity%

Number of low quality alerts

1

decreased by-66.67%

Number of medium quality alerts

1

decreased by-50%

Number of lines in readme file

57

increased byInfinity%

Worsened metrics

Dependency count

1

increased byInfinity%

Dev dependency count

12

increased byInfinity%

Number of medium supply chain risk alerts

2

increased by100%

Dependency changes

• + Addedlodash.memoize@^4.1.2

• + Addedlodash.memoize@4.1.2(transitive)