fh-sync - npm Package Compare versions
Comparing version 1.0.13 to 1.0.14
@@ -1,2 +0,2 @@ | ||
| var mongodbQ = require('mongodb-queue'); | ||
| var mongodbQ = require('fh-mongodb-queue'); | ||
| var metrics = require('./sync-metrics'); | ||
@@ -3,0 +3,0 @@ var _ = require('underscore'); |
| { | ||
| "name": "fh-sync", | ||
| "version": "1.0.13", | ||
| "version": "1.0.14", | ||
| "description": "FeedHenry Data Synchronization Server", | ||
@@ -11,5 +11,5 @@ "main": "index.js", | ||
| "fh-component-metrics": "2.7.0", | ||
| "fh-mongodb-queue": "3.3.0", | ||
| "mongodb": "2.1.18", | ||
| "mongodb-lock": "0.4.0", | ||
| "mongodb-queue": "git+https://github.com/david-martin/mongodb-queue.git#ttl-index-01", | ||
| "parse-duration": "0.1.1", | ||
@@ -16,0 +16,0 @@ "redis": "2.6.5", |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Native code
Supply chain riskContains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Git dependency
Supply chain riskContains a dependency which resolves to a remote git URL. Dependencies fetched from git URLs are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Improved metrics
- Number of high supply chain risk alerts
- decreased by-100%
0
Worsened metrics
- Total package byte prevSize
- decreased by-0.15%
226579
- Number of package files
- decreased by-2.13%
46
- Number of medium supply chain risk alerts
- increased by100%
2
Dependency changes
+ Addedfh-mongodb-queue@3.3.0
+ Addedfh-mongodb-queue@3.3.0(transitive)
- Removedmongodb-queue@git+https://github.com/david-martin/mongodb-queue.git#ttl-index-01