Comparing version 0.0.1 to 1.0.0-RC1
{ | ||
"name": "fh-sync", | ||
"version": "0.0.1", | ||
"description": "Placeholder for feedhenry/fh-sync", | ||
"main": "index.js", | ||
"version": "1.0.0-RC1", | ||
"description": "JSON data syncronisation server", | ||
"main": "lib/index.js", | ||
"dependencies": { | ||
"async": "2.1.5", | ||
"backoff": "^2.5.0", | ||
"debug": "2.6.3", | ||
"fh-component-metrics": "2.7.0", | ||
"mongodb": "2.1.18", | ||
"mongodb-lock": "0.4.0", | ||
"mongodb-queue": "2.2.0", | ||
"parse-duration": "0.1.1", | ||
"redis": "^2.6.5", | ||
"underscore": "1.7.0" | ||
}, | ||
"devDependencies": { | ||
"jsdoc": "^3.4.3", | ||
"grunt": "^0.4.5", | ||
"grunt-cli": "^1.2.0", | ||
"grunt-fh-build": "^0.5.0", | ||
"grunt-mocha-test": "^0.13.2", | ||
"istanbul": "0.2.14", | ||
"jshint": "^2.5.2", | ||
"mocha": "2.4.5", | ||
"proxyquire": "1.4.0", | ||
"sinon": "^1.17.5", | ||
"valid-url": "1.0.9" | ||
}, | ||
"scripts": { | ||
"test": "echo \"Error: no test specified\" && exit 1" | ||
"docs": "./node_modules/.bin/jsdoc -d docs/api ./lib", | ||
"pretest": "./scripts/pretest.sh", | ||
"test": "grunt fh:unit mochaTest:integration", | ||
"posttest": "./scripts/posttest.sh" | ||
}, | ||
"author": "", | ||
"license": "Apache-2.0" | ||
"license": "Apache-2.0", | ||
"repository": { | ||
"type": "git", | ||
"url": "git@github.com:feedhenry/fh-sync.git" | ||
} | ||
} |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Native code
Supply chain riskContains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
No contributors or author data
MaintenancePackage does not specify a list of contributors or an author in package.json.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Empty package
Supply chain riskPackage does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.
Found 1 instance in 1 package
No README
QualityPackage does not have a README. This may indicate a failed publish or a low quality package.
Found 1 instance in 1 package
No repository
Supply chain riskPackage does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.
Found 1 instance in 1 package
No tests
QualityPackage does not have any tests. This is a strong signal of a poorly maintained or low quality package.
Found 1 instance in 1 package
201769
41
4787
2
1
56
10
11
3
3
+ Addedasync@2.1.5
+ Addedbackoff@^2.5.0
+ Addeddebug@2.6.3
+ Addedfh-component-metrics@2.7.0
+ Addedmongodb@2.1.18
+ Addedmongodb-lock@0.4.0
+ Addedmongodb-queue@2.2.0
+ Addedparse-duration@0.1.1
+ Addedredis@^2.6.5
+ Addedunderscore@1.7.0
+ Addedasync@2.1.5(transitive)
+ Addedbackoff@2.5.0(transitive)
+ Addedbson@0.4.23(transitive)
+ Addedcore-util-is@1.0.3(transitive)
+ Addeddebug@2.6.3(transitive)
+ Addeddouble-ended-queue@2.1.0-0(transitive)
+ Addedes6-promise@3.0.2(transitive)
+ Addedfh-component-metrics@2.7.0(transitive)
+ Addedinherits@2.0.4(transitive)
+ Addedisarray@0.0.1(transitive)
+ Addedlodash@4.17.214.17.4(transitive)
+ Addedmongodb@2.1.18(transitive)
+ Addedmongodb-core@1.3.18(transitive)
+ Addedmongodb-lock@0.4.0(transitive)
+ Addedmongodb-queue@2.2.0(transitive)
+ Addedms@0.7.2(transitive)
+ Addedparse-duration@0.1.1(transitive)
+ Addedprecond@0.2.3(transitive)
+ Addedreadable-stream@1.0.31(transitive)
+ Addedredis@2.8.0(transitive)
+ Addedredis-commands@1.7.0(transitive)
+ Addedredis-parser@2.6.0(transitive)
+ Addedrequire_optional@1.0.1(transitive)
+ Addedresolve-from@2.0.0(transitive)
+ Addedsemver@5.7.2(transitive)
+ Addedstring_decoder@0.10.31(transitive)
+ Addedunderscore@1.7.0(transitive)