Comparing version 1.0.2-22 to 1.1.0-39
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
NPM Shrinkwrap
Supply chain riskPackage contains a shrinkwrap file. This may allow the package to bypass normal install procedures.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
No bug tracker
MaintenancePackage does not have a linked bug tracker in package.json.
Found 1 instance in 1 package
No repository
Supply chain riskPackage does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Git dependency
Supply chain riskContains a dependency which resolves to a remote git URL. Dependencies fetched from git URLs are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.
Found 1 instance in 1 package
NPM Shrinkwrap
Supply chain riskPackage contains a shrinkwrap file. This may allow the package to bypass normal install procedures.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
No bug tracker
MaintenancePackage does not have a linked bug tracker in package.json.
Found 1 instance in 1 package
No repository
Supply chain riskPackage does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.
Found 1 instance in 1 package
542940
245
13249
1
18
+ Addedcli-tree@0.0.1
+ Addedcli-tree@0.0.1(transitive)
+ Addedcolors@0.6.2(transitive)
+ Addednopt@1.0.0(transitive)
+ Addedsemver@1.0.14(transitive)
+ Addedyargs@2.1.1(transitive)
- Removedcolors@0.6.0-1(transitive)
- Removednopt@1.0.10(transitive)
- Removedsemver@1.1.4(transitive)
Updatedcolors@0.6.2
Updatedmoment@2.0.0
Updatednopt@1.0.0
Updatedrequest@2.11.4
Updatedsemver@1.0.14
Updatedunderscore@1.5.2
Updatedyargs@2.1.1