fetchbook - npm Package Compare versions
Comparing version 1.0.2 to 1.1.0-beta.1
| #!/usr/bin/env node | ||
| const { spawnSync } = require("child_process"); | ||
| const path = require("path"); | ||
| const cwd = path.join(__dirname, "..", "cli"); | ||
| spawnSync("bun", ["install"], { cwd }); | ||
| spawnSync( | ||
| "bun", | ||
| ["run", path.join(cwd, "fetchbook-cli.ts"), ...process.argv.slice(2)], | ||
| ["run", path.join(__dirname, "..", "cli.ts"), ...process.argv.slice(2)], | ||
| { | ||
@@ -11,0 +9,0 @@ stdio: "inherit", |
| { | ||
| "name": "fetchbook", | ||
| "version": "1.0.2", | ||
| "version": "1.1.0-beta.1", | ||
| "description": "Manage your HTTP requests", | ||
@@ -8,8 +8,14 @@ "author": "Alejandro Tardín <alejandro@tardin.com>", | ||
| "dependencies": { | ||
| "bun": "^1.0.3" | ||
| "bun": "^1.0.3", | ||
| "commander": "^11.0.0", | ||
| "fetch-to-curl": "^0.6.0", | ||
| "json-colorizer": "^2.2.2", | ||
| "picocolors": "^1.0.0" | ||
| }, | ||
| "devDependencies": { | ||
| "bun-types": "latest", | ||
| "json-server": "^0.17.4", | ||
| "semantic-release": "^22.0.5", | ||
| "start-server-and-test": "^2.0.1", | ||
| "semantic-release": "^22.0.5" | ||
| "typescript": "^5.0.0" | ||
| }, | ||
@@ -16,0 +22,0 @@ "bin": { |
New alerts
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
No README
QualityPackage does not have a README. This may indicate a failed publish or a low quality package.
Found 1 instance in 1 package
No v1
QualityPackage is not semver >=1. This means it is not stable and does not support ^ ranges.
Found 1 instance in 1 package
Fixed alerts
Install scripts
Supply chain riskInstall scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.
Found 1 instance in 1 package
Native code
Supply chain riskContains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 7 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Mixed license
License(Experimental) Package contains multiple licenses.
Found 1 instance in 1 package
Improved metrics
- Number of low license alerts
- decreased by-100%
0
- Number of high supply chain risk alerts
- decreased by-100%
0
- Number of low supply chain risk alerts
- decreased by-100%
0
- Number of medium supply chain risk alerts
- decreased by-71.43%
2
Worsened metrics
- Total package byte prevSize
- decreased by-100%
6318
- Dependency count
- increased by400%
5
- Dev dependency count
- increased by66.67%
5
- Number of package files
- decreased by-90%
10
- Lines of code
- decreased by-99.64%
171
- Number of low quality alerts
- increased by100%
2
- Number of medium quality alerts
- increased by100%
2
- Number of lines in readme file
- decreased by-100%
0
Dependency changes
+ Addedcommander@^11.0.0
+ Addedfetch-to-curl@^0.6.0
+ Addedjson-colorizer@^2.2.2
+ Addedpicocolors@^1.0.0
+ Addedansi-styles@3.2.1(transitive)
+ Addedchalk@2.4.2(transitive)
+ Addedcolor-convert@1.9.3(transitive)
+ Addedcolor-name@1.1.3(transitive)
+ Addedcommander@11.1.0(transitive)
+ Addedescape-string-regexp@1.0.5(transitive)
+ Addedfetch-to-curl@0.6.0(transitive)
+ Addedhas-flag@3.0.0(transitive)
+ Addedjson-colorizer@2.2.2(transitive)
+ Addedlodash.get@4.4.2(transitive)
+ Addedpicocolors@1.1.1(transitive)
+ Addedsupports-color@5.5.0(transitive)