h1-cli-ext-root-auth - npm Package Compare versions

Comparing version 0.0.1-security to 1.0.1-alpha.0

package.json

 {
   "name": "h1-cli-ext-root-auth",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder",
-  "dependencies": {}
+  "version": "1.0.1-alpha.0+e551d3a",
+  "description": "",
+  "main": "dist/index.js",
+  "scripts": {
+    "build": "webpack",
+    "watch": "webpack --watch"
+  },
+  "devDependencies": {
+    "webpack": "^4.43.0",
+    "webpack-cli": "^3.3.12",
+    "webpack-dev-server": "^3.11.0"
+  },
+  "author": "Adam Dobrawy",
+  "license": "MIT",
+  "gitHead": "e551d3ad080920c33aaa9c32235eca2703f37c5c",
+  "dependencies": {
+    "h1-cli-framework": "^1.0.1-alpha.1"
+  }
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Manifest confusion

Supply chain risk

This package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.

Found 1 instance in 1 package

No README

Quality

Package does not have a README. This may indicate a failed publish or a low quality package.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

No repository

Supply chain risk

Package does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Known malware

Supply chain risk

This package is malware. We have asked the package registry to remove it.

Found 1 instance in 1 package

Empty package

Supply chain risk

Package does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.

Found 1 instance in 1 package

No contributors or author data

Maintenance

Package does not specify a list of contributors or an author in package.json.

Found 1 instance in 1 package

No License Found

License

(Experimental) License information could not be found.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

10047

increased by1901.39%

Number of package files

5

increased by150%

Number of low license alerts

0

decreased by-100%

Lines of code

185

increased byInfinity%

Number of low maintenance alerts

1

decreased by-50%

Number of critical supply chain risk alerts

0

decreased by-100%

Worsened metrics

Dependency count

1

increased byInfinity%

Dev dependency count

3

increased byInfinity%

Number of medium quality alerts

2

increased by100%

Number of lines in readme file

0

decreased by-100%

Number of low supply chain risk alerts

2

increased by100%

Number of medium supply chain risk alerts

2

increased by100%

Dependency changes

• + Addedh1-cli-framework@^1.0.1-alpha.1

• + Addedansi-styles@3.2.1(transitive)

• + Addedarray-back@3.1.04.0.2(transitive)

• + Addedchalk@2.4.2(transitive)

• + Addedcolor-convert@1.9.3(transitive)

• + Addedcolor-name@1.1.3(transitive)

• + Addedcommand-line-args@5.2.1(transitive)

• + Addedcommand-line-usage@6.1.3(transitive)

• + Addeddeep-extend@0.6.0(transitive)

• + Addedescape-string-regexp@1.0.5(transitive)

• + Addedfind-replace@3.0.0(transitive)

• + Addedh1-cli-framework@1.0.1-alpha.1(transitive)

• + Addedhas-flag@3.0.0(transitive)

• + Addedlodash.camelcase@4.3.0(transitive)

• + Addedmeant@1.0.3(transitive)

• + Addedreduce-flatten@2.0.0(transitive)

• + Addedsupports-color@5.5.0(transitive)

• + Addedtable-layout@1.0.2(transitive)

• + Addedtypical@4.0.05.2.0(transitive)

• + Addedwordwrapjs@4.0.1(transitive)