graphql-ws
Advanced tools
graphql-ws - npm Package Compare versions
Comparing version 0.1.0 to 0.1.1
| { | ||
| "name": "graphql-ws", | ||
| "version": "0.1.0", | ||
| "description": "GraphQL over WebSocket", | ||
| "main": "index.js", | ||
| "version": "0.1.1", | ||
| "description": "WebSocket transport for GraphQL", | ||
| "main": "dist/index.js", | ||
| "browser": "dist/client.js", | ||
| "repository": { | ||
| "type": "git", | ||
| "url": "" | ||
| }, | ||
| "dependencies": { | ||
| "@types/ref": "0.0.28", | ||
| "@types/ref-struct": "0.0.28", | ||
| "backo2": "^1.0.2", | ||
| "eventemitter3": "^2.0.3", | ||
| "iterall": "^1.1.1", | ||
| "lodash.assign": "^4.2.0", | ||
| "lodash.isobject": "^3.0.2", | ||
| "lodash.isstring": "^4.0.1", | ||
| "rxjs": "^5.4.3", | ||
| "symbol-observable": "^1.0.4", | ||
| "ws": "^3.0.0" | ||
| }, | ||
| "scripts": { | ||
| "test": "echo \"Error: no test specified\" && exit 1" | ||
| "compile": "tsc", | ||
| "pretest": "npm run compile", | ||
| "test": "npm run testonly --", | ||
| "posttest": "npm run lint", | ||
| "lint": "tslint --format stylish --type-check --project ./tsconfig.json", | ||
| "watch": "tsc -w", | ||
| "testonly": "mocha --reporter spec --full-trace ./dist/test/**/*.js", | ||
| "coverage": "node ./node_modules/istanbul/lib/cli.js cover _mocha -- --full-trace ./dist/test/tests.js", | ||
| "postcoverage": "remap-istanbul --input coverage/coverage.raw.json --type lcovonly --output coverage/lcov.info", | ||
| "browser-compile": "webpack --config \"./unpkg-webpack.config.js\"", | ||
| "prepublishOnly": "npm run compile ; npm run browser-compile ; rimraf src", | ||
| "postinstall": "node scripts/post-install.js" | ||
| }, | ||
| "author": "", | ||
| "license": "BSD-3-Clause" | ||
| "peerDependencies": { | ||
| "graphql": "^0.10.0 || ^0.11.0" | ||
| }, | ||
| "devDependencies": { | ||
| "@types/chai": "^4.0.0", | ||
| "@types/graphql": "^0.11.3", | ||
| "@types/lodash": "^4.14.68", | ||
| "@types/mocha": "^2.2.41", | ||
| "@types/node": "^8.0.8", | ||
| "@types/sinon": "^2.3.0", | ||
| "@types/ws": "^3.0.0", | ||
| "chai": "^4.0.2", | ||
| "graphql": "^0.11.3", | ||
| "graphql-subscriptions": "^0.5.0", | ||
| "istanbul": "^1.0.0-alpha.2", | ||
| "lodash": "^4.17.1", | ||
| "mocha": "^3.4.2", | ||
| "remap-istanbul": "^0.9.5", | ||
| "rimraf": "^2.6.1", | ||
| "sinon": "^2.3.6", | ||
| "ts-node": "^3.3.0", | ||
| "tslint": "^5.5.0", | ||
| "typescript": "^2.4.1", | ||
| "webpack": "^3.1.0" | ||
| }, | ||
| "typings": "dist/index.d.ts", | ||
| "typescript": { | ||
| "definition": "dist/index.d.ts" | ||
| }, | ||
| "license": "MIT" | ||
| } |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Install scripts
Supply chain riskInstall scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
No contributors or author data
MaintenancePackage does not specify a list of contributors or an author in package.json.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Non-existent author
Supply chain riskThe package was published by an npm account that no longer exists.
Found 1 instance in 1 package
Empty package
Supply chain riskPackage does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.
Found 1 instance in 1 package
No README
QualityPackage does not have a README. This may indicate a failed publish or a low quality package.
Found 1 instance in 1 package
No repository
Supply chain riskPackage does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.
Found 1 instance in 1 package
No tests
QualityPackage does not have any tests. This is a strong signal of a poorly maintained or low quality package.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by98583.97%
233881
- Number of package files
- increased by5200%
53
- Lines of code
- increased byInfinity%
3419
- Number of low quality alerts
- decreased by-33.33%
2
- Number of medium quality alerts
- decreased by-100%
0
- Number of lines in readme file
- increased byInfinity%
280
Worsened metrics
- Dependency count
- increased byInfinity%
12
- Dev dependency count
- increased byInfinity%
20
- Number of low supply chain risk alerts
- increased by300%
4
- Number of medium supply chain risk alerts
- increased by200%
3
Dependency changes
+ Added@types/ref@0.0.28
+ Added@types/ref-struct@0.0.28
+ Addedbacko2@^1.0.2
+ Addedeventemitter3@^2.0.3
+ Addediterall@^1.1.1
+ Addedlodash.assign@^4.2.0
+ Addedlodash.isobject@^3.0.2
+ Addedlodash.isstring@^4.0.1
+ Addedrxjs@^5.4.3
+ Addedsymbol-observable@^1.0.4
+ Addedws@^3.0.0
+ Added@types/node@22.9.0(transitive)
+ Added@types/ref@0.0.28(transitive)
+ Added@types/ref-struct@0.0.28(transitive)
+ Addedasync-limiter@1.0.1(transitive)
+ Addedbacko2@1.0.2(transitive)
+ Addedeventemitter3@2.0.3(transitive)
+ Addedgraphql@0.11.7(transitive)
+ Addediterall@1.1.31.3.0(transitive)
+ Addedlodash.assign@4.2.0(transitive)
+ Addedlodash.isobject@3.0.2(transitive)
+ Addedlodash.isstring@4.0.1(transitive)
+ Addedrxjs@5.5.12(transitive)
+ Addedsafe-buffer@5.1.2(transitive)
+ Addedsymbol-observable@1.0.11.2.0(transitive)
+ Addedultron@1.1.1(transitive)
+ Addedundici-types@6.19.8(transitive)
+ Addedws@3.3.3(transitive)