fairmont-helpers
Advanced tools
fairmont-helpers - npm Package Compare versions
Comparing version 2.0.1 to 3.0.0
| { | ||
| "name": "fairmont-helpers", | ||
| "version": "2.0.1", | ||
| "description": "Functional and reactive programming for JavaScript.", | ||
| "version": "3.0.0", | ||
| "description": "Functional helpers for arrays, objects, strings, and types", | ||
| "files": [ | ||
| "src/", | ||
| "lib/", | ||
| "README.md" | ||
| "build/npm" | ||
| ], | ||
| "main": "lib/index.js", | ||
| "main": "build/npm/lib/index.js", | ||
| "scripts": { | ||
| "test": "coffee test/index.coffee", | ||
| "watch": "coffee -o lib/ -cw src/*.*coffee", | ||
| "prepublish": "coffee -o lib/ -c src/*.*coffee", | ||
| "postpublish": "(node_modules/.bin/json -f package.json version | xargs -I version git tag -am version version) && git push --tags" | ||
| "test": "gulp test" | ||
| }, | ||
@@ -27,13 +22,13 @@ "repository": { | ||
| "devDependencies": { | ||
| "amen": "^1.0.0", | ||
| "coffee-script": "^1.10.0", | ||
| "json": "^9.0.3", | ||
| "amen": "^2.0.2", | ||
| "fairmont-build-tools": "^1.0.0", | ||
| "gulp": "github:gulpjs/gulp#4.0", | ||
| "power-assert": "^1.4.4", | ||
| "sinon": "^1.17.4" | ||
| }, | ||
| "dependencies": { | ||
| "base64-words": "^0.2.0", | ||
| "fairmont-core": "1.0.x", | ||
| "fairmont-multimethods": "1.0.x" | ||
| }, | ||
| "engine": "node >= 6.0.0" | ||
| "engine": "node >= 6.10" | ||
| } |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by32.19%
99910
- Dependency count
- decreased by-33.33%
2
- Lines of code
- increased by17.54%
2205
- Number of low supply chain risk alerts
- decreased by-66.67%
1
Worsened metrics
- Dev dependency count
- increased by25%
5
- Number of package files
- decreased by-36.67%
19
Dependency changes
- Removedbase64-words@^0.2.0
- Removedbase64-words@0.2.0(transitive)