libnpmfund
Advanced tools
libnpmfund - npm Package Compare versions
Comparing version 2.0.2 to 3.0.0
| { | ||
| "name": "libnpmfund", | ||
| "version": "2.0.2", | ||
| "version": "3.0.0", | ||
| "main": "lib/index.js", | ||
@@ -45,6 +45,7 @@ "files": [ | ||
| "devDependencies": { | ||
| "@npmcli/template-oss": "^2.4.2", | ||
| "tap": "^15.0.9" | ||
| }, | ||
| "dependencies": { | ||
| "@npmcli/arborist": "^4.0.0" | ||
| "@npmcli/arborist": "^5.0.0" | ||
| }, | ||
@@ -55,4 +56,4 @@ "engines": { | ||
| "templateOSS": { | ||
| "version": "2.4.1" | ||
| "version": "2.4.3" | ||
| } | ||
| } |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.35%
10907
- Number of medium supply chain risk alerts
- decreased by-50%
1
Worsened metrics
- Dev dependency count
- increased by100%
2
Dependency changes
+ Added@npmcli/arborist@5.6.3(transitive)
+ Added@npmcli/git@3.0.2(transitive)
+ Added@npmcli/metavuln-calculator@3.1.1(transitive)
+ Added@npmcli/node-gyp@2.0.0(transitive)
+ Added@npmcli/package-json@2.0.0(transitive)
+ Added@npmcli/promise-spawn@3.0.0(transitive)
+ Added@npmcli/query@1.2.0(transitive)
+ Added@npmcli/run-script@4.2.1(transitive)
+ Addedbuiltins@5.1.0(transitive)
+ Addedcssesc@3.0.0(transitive)
+ Addedexponential-backoff@3.1.1(transitive)
+ Addedfunction-bind@1.1.2(transitive)
+ Addedhasown@2.0.2(transitive)
+ Addedhosted-git-info@5.2.1(transitive)
+ Addedignore-walk@5.0.1(transitive)
+ Addedis-core-module@2.16.1(transitive)
+ Addednode-gyp@9.4.1(transitive)
+ Addednopt@6.0.0(transitive)
+ Addednormalize-package-data@4.0.1(transitive)
+ Addednpm-bundled@2.0.1(transitive)
+ Addednpm-install-checks@5.0.0(transitive)
+ Addednpm-package-arg@9.1.2(transitive)
+ Addednpm-packlist@5.1.3(transitive)
+ Addednpm-pick-manifest@7.0.2(transitive)
+ Addednpm-registry-fetch@13.3.1(transitive)
+ Addedpacote@13.6.2(transitive)
+ Addedpostcss-selector-parser@6.1.2(transitive)
+ Addedproc-log@2.0.1(transitive)
+ Addedread-package-json@5.0.2(transitive)
+ Addedspdx-correct@3.2.0(transitive)
+ Addedspdx-exceptions@2.5.0(transitive)
+ Addedspdx-expression-parse@3.0.1(transitive)
+ Addedspdx-license-ids@3.0.20(transitive)
+ Addedtreeverse@2.0.0(transitive)
+ Addedvalidate-npm-package-license@3.0.4(transitive)
+ Addedvalidate-npm-package-name@4.0.0(transitive)
- Removed@npmcli/arborist@4.3.1(transitive)
- Removed@npmcli/fs@1.1.1(transitive)
- Removed@npmcli/git@2.1.0(transitive)
- Removed@npmcli/metavuln-calculator@2.0.0(transitive)
- Removed@npmcli/move-file@1.1.2(transitive)
- Removed@npmcli/node-gyp@1.0.3(transitive)
- Removed@npmcli/package-json@1.0.1(transitive)
- Removed@npmcli/promise-spawn@1.3.2(transitive)
- Removed@npmcli/run-script@2.0.0(transitive)
- Removed@tootallnate/once@1.1.2(transitive)
- Removedbuiltins@1.0.3(transitive)
- Removedcacache@15.3.0(transitive)
- Removedhosted-git-info@4.1.0(transitive)
- Removedhttp-proxy-agent@4.0.1(transitive)
- Removedignore-walk@4.0.1(transitive)
- Removedlru-cache@6.0.0(transitive)
- Removedmake-fetch-happen@9.1.0(transitive)
- Removedminipass-fetch@1.4.1(transitive)
- Removednode-gyp@8.4.1(transitive)
- Removednopt@5.0.0(transitive)
- Removednpm-install-checks@4.0.0(transitive)
- Removednpm-package-arg@8.1.5(transitive)
- Removednpm-packlist@3.0.0(transitive)
- Removednpm-pick-manifest@6.1.1(transitive)
- Removednpm-registry-fetch@12.0.2(transitive)
- Removedpacote@12.0.3(transitive)
- Removedproc-log@1.0.0(transitive)
- Removedsocks-proxy-agent@6.2.1(transitive)
- Removedssri@8.0.1(transitive)
- Removedtreeverse@1.0.4(transitive)
- Removedunique-filename@1.1.1(transitive)
- Removedunique-slug@2.0.2(transitive)
- Removedvalidate-npm-package-name@3.0.0(transitive)
Updated@npmcli/arborist@^5.0.0