history - npm Package Compare versions

Comparing version 0.1.0 to 1.0.0

package.json

 {
   "name": "history",
-  "version": "0.1.0",
-  "description": "Project history cli tool",
-  "keywords": [
-    "history",
-    "markdown",
-    "cli"
-  ],
-  "author": "Daniel D. Shaw <dshaw@dshaw.com> (http://dshaw.com)",
+  "version": "1.0.0",
+  "description": "A minimal, functional history implementation for JavaScript",
+  "main": "lib/index",
   "repository": {
     "type": "git",
-    "url": "git://github.com/dshaw/history.git"
+    "url": "https://github.com/rackt/history.git"
   },
-  "bugs": {
-    "url": "http://github.com/dshaw/history/issues"
+  "bugs": "https://github.com/rackt/history/issues",
+  "scripts": {
+    "build": "scripts/build.sh",
+    "prepublish": "npm run build",
+    "start": "webpack-dev-server -d --content-base ./ --history-api-fallback --inline modules/index.js",
+    "test": "eslint modules && karma start"
   },
-  "main": "./lib/history.js",
-  "bin": {
-    "hist": "./history.js"
+  "authors": [
+    "Michael Jackson"
+  ],
+  "license": "MIT",
+  "dependencies": {
+    "deep-equal": "^1.0.0",
+    "invariant": "^2.0.0",
+    "warning": "^2.0.0"
   },
-  "scripts": {
-    "test": "make test"
+  "devDependencies": {
+    "babel": "^5.4.7",
+    "babel-core": "^5.4.7",
+    "babel-eslint": "^3.1.23",
+    "babel-loader": "^5.0.0",
+    "eslint": "^1.0.0-rc-1",
+    "expect": "^1.8.0",
+    "karma": "^0.12.28",
+    "karma-browserstack-launcher": "^0.1.2",
+    "karma-chrome-launcher": "^0.1.7",
+    "karma-cli": "^0.0.4",
+    "karma-firefox-launcher": "^0.1.3",
+    "karma-mocha": "^0.1.10",
+    "karma-mocha-reporter": "^1.0.3",
+    "karma-sourcemap-loader": "^0.3.2",
+    "karma-webpack": "^1.3.1",
+    "mocha": "^2.0.1",
+    "webpack": "^1.4.13",
+    "webpack-dev-server": "^1.10.1"
   },
-  "dependencies": {},
-  "devDependencies": {},
-  "optionalDependencies": {},
-  "engines": {
-    "node": "*"
-  }
+  "tags": [
+    "history",
+    "location"
+  ],
+  "keywords": [
+    "history",
+    "location"
+  ]
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 7 instances in 1 package

No contributors or author data

Maintenance

Package does not specify a list of contributors or an author in package.json.

Found 1 instance in 1 package

No bug tracker

Maintenance

Package does not have a linked bug tracker in package.json.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 2 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

No License Found

License

(Experimental) License information could not be found.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

106447

increased by1534.63%

Number of package files

31

increased by287.5%

Number of low license alerts

0

decreased by-100%

Lines of code

2373

increased by1364.81%

Number of low quality alerts

1

decreased by-50%

Number of lines in readme file

125

increased by127.27%

Worsened metrics

Dependency count

3

increased byInfinity%

Dev dependency count

18

increased byInfinity%

Number of low maintenance alerts

2

increased byInfinity%

Number of low supply chain risk alerts

9

increased by125%

Number of medium supply chain risk alerts

2

increased by100%

Dependency changes

• + Addeddeep-equal@^1.0.0

• + Addedinvariant@^2.0.0

• + Addedwarning@^2.0.0

• + Addedcall-bind@1.0.7(transitive)

• + Addeddeep-equal@1.1.2(transitive)

• + Addeddefine-data-property@1.1.4(transitive)

• + Addeddefine-properties@1.2.1(transitive)

• + Addedes-define-property@1.0.0(transitive)

• + Addedes-errors@1.3.0(transitive)

• + Addedfunction-bind@1.1.2(transitive)

• + Addedfunctions-have-names@1.2.3(transitive)

• + Addedget-intrinsic@1.2.4(transitive)

• + Addedgopd@1.0.1(transitive)

• + Addedhas-property-descriptors@1.0.2(transitive)

• + Addedhas-proto@1.0.3(transitive)

• + Addedhas-symbols@1.0.3(transitive)

• + Addedhas-tostringtag@1.0.2(transitive)

• + Addedhasown@2.0.2(transitive)

• + Addedinvariant@2.2.4(transitive)

• + Addedis-arguments@1.1.1(transitive)

• + Addedis-date-object@1.0.5(transitive)

• + Addedis-regex@1.1.4(transitive)

• + Addedjs-tokens@4.0.0(transitive)

• + Addedloose-envify@1.4.0(transitive)

• + Addedobject-is@1.1.6(transitive)

• + Addedobject-keys@1.1.1(transitive)

• + Addedregexp.prototype.flags@1.5.2(transitive)

• + Addedset-function-length@1.2.2(transitive)

• + Addedset-function-name@2.0.2(transitive)

• + Addedwarning@2.1.0(transitive)