fontnik - npm Package Compare versions

Comparing version 0.7.1 to 0.7.2-dev.2

index.js

@@ -1,1 +0,3 @@
-module.exports = require('./lib/binding/fontnik.node');
+var binding = require('node-gyp-build')(__dirname)
+
+module.exports = binding

package.json

 {
   "name": "fontnik",
-  "version": "0.7.1",
+  "version": "0.7.2-dev.2",
   "description": "A library that delivers a range of glyphs rendered as SDFs (signed distance fields) in a protobuf.",
@@ -26,7 +26,8 @@ "keywords": [
   "dependencies": {
-    "@mapbox/node-pre-gyp": "^1.0.10",
     "d3-queue": "^3.0.7",
     "glob": "^7.1.6",
     "minimist": "^1.2.5",
-    "node-addon-api": "^2.0.1"
+    "node-addon-api": "^2.0.1",
+    "node-gyp-build": "^4.6.0",
+    "prebuildify": "^5.0.1"
   },
@@ -47,4 +48,5 @@ "devDependencies": {
   "scripts": {
-    "install": "node-pre-gyp install --fallback-to-build=true",
-    "test": "./node_modules/.bin/tape test/**/*.test.js"
+    "install": "node-gyp-build",
+    "test": "./node_modules/.bin/tape test/**/*.test.js",
+    "prebuildify": "prebuildify --napi"
   },
@@ -51,0 +53,0 @@ "binary": {

New alerts

Native code

Supply chain risk

Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Fixed alerts

Install scripts

Supply chain risk

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

1014983

increased by1517.99%

Number of package files

27

increased by3.85%

Lines of code

38

increased by2.7%

Number of high supply chain risk alerts

0

decreased by-100%

Worsened metrics

Dependency count

6

increased by20%

Number of medium supply chain risk alerts

3

increased by200%

Dependency changes

• + Addednode-gyp-build@^4.6.0

• + Addedprebuildify@^5.0.1

• + Addedbase64-js@1.5.1(transitive)

• + Addedbl@4.1.0(transitive)

• + Addedbuffer@5.7.1(transitive)

• + Addedchownr@1.1.4(transitive)

• + Addedend-of-stream@1.4.4(transitive)

• + Addedexecspawn@1.0.1(transitive)

• + Addedfs-constants@1.0.0(transitive)

• + Addedieee754@1.2.1(transitive)

• + Addedmkdirp-classic@0.5.3(transitive)

• + Addednode-abi@3.74.0(transitive)

• + Addednode-gyp-build@4.8.4(transitive)

• + Addednpm-run-path@3.1.0(transitive)

• + Addedpath-key@3.1.1(transitive)

• + Addedprebuildify@5.0.1(transitive)

• + Addedpump@3.0.2(transitive)

• + Addedtar-fs@2.1.2(transitive)

• + Addedtar-stream@2.2.0(transitive)

• + Addedutil-extend@1.0.3(transitive)

• - Removed@mapbox/node-pre-gyp@^1.0.10

• - Removed@mapbox/node-pre-gyp@1.0.11(transitive)

• - Removedabbrev@1.1.1(transitive)

• - Removedagent-base@6.0.2(transitive)

• - Removedansi-regex@5.0.1(transitive)

• - Removedaproba@2.0.0(transitive)

• - Removedare-we-there-yet@2.0.0(transitive)

• - Removedchownr@2.0.0(transitive)

• - Removedcolor-support@1.1.3(transitive)

• - Removedconsole-control-strings@1.1.0(transitive)

• - Removeddebug@4.4.0(transitive)

• - Removeddelegates@1.0.0(transitive)

• - Removeddetect-libc@2.0.3(transitive)

• - Removedemoji-regex@8.0.0(transitive)

• - Removedfs-minipass@2.1.0(transitive)

• - Removedgauge@3.0.2(transitive)

• - Removedhas-unicode@2.0.1(transitive)

• - Removedhttps-proxy-agent@5.0.1(transitive)

• - Removedis-fullwidth-code-point@3.0.0(transitive)

• - Removedmake-dir@3.1.0(transitive)

• - Removedminipass@3.3.65.0.0(transitive)

• - Removedminizlib@2.1.2(transitive)

• - Removedmkdirp@1.0.4(transitive)

• - Removedms@2.1.3(transitive)

• - Removednode-fetch@2.7.0(transitive)

• - Removednopt@5.0.0(transitive)

• - Removednpmlog@5.0.1(transitive)

• - Removedobject-assign@4.1.1(transitive)

• - Removedrimraf@3.0.2(transitive)

• - Removedsemver@6.3.1(transitive)

• - Removedset-blocking@2.0.0(transitive)

• - Removedsignal-exit@3.0.7(transitive)

• - Removedstring-width@4.2.3(transitive)

• - Removedstrip-ansi@6.0.1(transitive)

• - Removedtar@6.2.1(transitive)

• - Removedtr46@0.0.3(transitive)

• - Removedwebidl-conversions@3.0.1(transitive)

• - Removedwhatwg-url@5.0.0(transitive)

• - Removedwide-align@1.1.5(transitive)

• - Removedyallist@4.0.0(transitive)