http - npm Package Compare versions

Comparing version 0.0.0 to 0.0.1-security

package.json

 {
   "name": "http",
-  "version": "0.0.0",
-  "description": "",
-  "main": "index.js",
-  "scripts": {
-    "test": "echo \"Error: no test specified\" && exit 1"
-  },
-  "author": "",
-  "license": "BSD-2-Clause"
+  "version": "0.0.1-security",
+  "description": "security holding package",
+  "repository": "npm/security-holder"
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Known malware

Supply chain risk

This package is malware. We have asked the package registry to remove it.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

No contributors or author data

Maintenance

Package does not specify a list of contributors or an author in package.json.

Found 1 instance in 1 package

No License Found

License

(Experimental) License information could not be found.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

No README

Quality

Package does not have a README. This may indicate a failed publish or a low quality package.

Found 1 instance in 1 package

No repository

Supply chain risk

Package does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.

Found 1 instance in 1 package

No tests

Quality

Package does not have any tests. This is a strong signal of a poorly maintained or low quality package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

464

increased by122.01%

Number of package files

2

increased by100%

Number of low quality alerts

2

decreased by-33.33%

Number of medium quality alerts

0

decreased by-100%

Number of lines in readme file

10

increased byInfinity%

Worsened metrics

Number of low license alerts

1

increased byInfinity%

Number of critical supply chain risk alerts

1

increased byInfinity%

Number of medium supply chain risk alerts

2

increased by100%

No dependency changes