http-signature
Advanced tools
Comparing version 0.9.5 to 0.9.6
@@ -5,3 +5,3 @@ { | ||
| "description": "Reference implementation of Joyent's HTTP Signature Scheme", | ||
| "version": "0.9.5", | ||
| "version": "0.9.6", | ||
| "homepage": "http://www.joyent.com", | ||
@@ -21,4 +21,4 @@ "repository": { | ||
| "dependencies": { | ||
| "asn1": "0.1.7", | ||
| "ctype": "0.1.0", | ||
| "asn1": "0.1.9", | ||
| "ctype": "0.3.1", | ||
| "sprintf": "0.1.1" | ||
@@ -29,4 +29,4 @@ }, | ||
| "node-uuid": "1.2.0", | ||
| "tap": "0.0.9" | ||
| "tap": "0.0.14" | ||
| } | ||
| } |
New alerts
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Fixed alerts
Non-existent author
Supply chain riskThe package was published by an npm account that no longer exists.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
55671
- Number of high supply chain risk alerts
- decreased by-100%
0
Worsened metrics
- Number of medium supply chain risk alerts
- increased by14.29%
8
Dependency changes
+ Addedasn1@0.1.9(transitive)
+ Addedctype@0.3.1(transitive)
- Removedasn1@0.1.7(transitive)
- Removedctype@0.1.0(transitive)
Updatedasn1@0.1.9
Updatedctype@0.3.1