gacha - npm Package Compare versions

Comparing version 0.0.1 to 0.0.2

package.json

 {
   "name": "gacha",
-  "version": "0.0.1",
+  "version": "0.0.2",
   "description": "Roguelike item drop distribution calculator",
   "main": "index.js",
   "scripts": {
-    "test": "echo \"Error: no test specified\" && exit 1"
+    "test": "./node_modules/.bin/mocha"
   },
@@ -25,3 +25,9 @@ "repository": {
   },
-  "homepage": "https://github.com/PhobosRising/node-gacha#readme"
+  "homepage": "https://github.com/PhobosRising/node-gacha#readme",
+  "dependencies": {
+    "gaussian": "^1.0.0"
+  },
+  "devDependencies": {
+    "mocha": "^2.3.4"
+  }
 }

New alerts

Native code

Supply chain risk

Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.

Found 1 instance in 1 package

Fixed alerts

Empty package

Supply chain risk

Package does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.

Found 1 instance in 1 package

No README

Quality

Package does not have a README. This may indicate a failed publish or a low quality package.

Found 1 instance in 1 package

No tests

Quality

Package does not have any tests. This is a strong signal of a poorly maintained or low quality package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

17966

increased by2765.39%

Number of package files

11

increased by1000%

Lines of code

145

increased byInfinity%

Number of low quality alerts

1

decreased by-50%

Number of medium quality alerts

1

decreased by-50%

Number of lines in readme file

94

increased byInfinity%

Worsened metrics

Dependency count

1

increased byInfinity%

Dev dependency count

1

increased byInfinity%

Dependency changes

• + Addedgaussian@^1.0.0

• + Addedgaussian@1.3.0(transitive)