lerna-test-pkg1 - npm Package Compare versions

Comparing version 0.7.4-alpha.1 to 0.7.4-alpha.2

package.json

 {
     "name": "lerna-test-pkg1",
-    "version": "0.7.4-alpha.1+9874cc7",
+    "version": "0.7.4-alpha.2+2beff7e",
     "description": "",
@@ -9,5 +9,5 @@ "main": "index.js",
     },
-    "author": "long odd code",
+    "author": "long odd code ",
     "license": "MIT",
-    "gitHead": "9874cc751eb490fcee40360f0a0683de743151b3"
+    "gitHead": "2beff7e5259685541de508a7ac4782a74f841c2a"
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Manifest confusion

Supply chain risk

This package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Manifest confusion

Supply chain risk

This package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

1385

increased by0.07%

Worsened metrics

Number of medium supply chain risk alerts

3

increased by50%

No dependency changes