knockout - npm Package Compare versions

Comparing version 2.1.0 to 2.2.1

package.json

 {
-  "name"          : "knockout",
-  "version"       : "2.1.0",
-  "description"   : "NodeJs Testable version of client script which Simplifies Dynamic JavaScript UIs by applying the Model-View-ViewModel (MVVM) Pattern.",
-  "repository"    : {
-    "type"        : "git",
-    "url"         : "https://github.com/mtscout6/knockout-node"
+  "name": "knockout",
+  "description": "Knockout makes it easier to create rich, responsive UIs with JavaScript",
+  "url": "http://knockoutjs.com/",
+  "version": "2.2.1",
+  "license": "MIT",
+  "author": "The Knockout.js team",
+  "main": "build/output/knockout-latest.debug.js",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/SteveSanderson/knockout.git"
   },
-  "keywords"      : ["testing", "mvvm"],
-  "author"        : "Steven Sanderson",
-  "contributors"  : ["Matthew Smith <mtscout6@gmail.com>"],
-  "maintainers"   : "Matthew Smith <mtscout6@gmail.com>",
-  "licenses"      : ["MIT"],
-  "dependencies"  : {"jsdom" : "=0.2.1"},
-  "main"          : "lib/knockout.js"
-}
+  "bugs": "https://github.com/SteveSanderson/knockout/issues"
+}

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

No README

Quality

Package does not have a README. This may indicate a failed publish or a low quality package.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

No bug tracker

Maintenance

Package does not have a linked bug tracker in package.json.

Found 1 instance in 1 package

Improved metrics

Dependency count

0

decreased by-100%

Number of package files

4

increased by33.33%

Lines of code

3375

increased by11.31%

Number of medium quality alerts

0

decreased by-100%

Number of lines in readme file

31

increased byInfinity%

Worsened metrics

Total package byte prevSize

223586

decreased by-35.25%

Dependency changes

• - Removedjsdom@=0.2.1