libnpmfund - npm Package Compare versions

Comparing version 3.0.0 to 3.0.1

package.json

 {
   "name": "libnpmfund",
-  "version": "3.0.0",
+  "version": "3.0.1",
   "main": "lib/index.js",
@@ -10,3 +10,7 @@ "files": [
   "description": "Programmatic API for npm fund",
-  "repository": "https://github.com/npm/libnpmfund",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/npm/cli",
+    "directory": "workspaces/libnpmfund"
+  },
   "keywords": [
@@ -40,3 +44,4 @@ "npm",
     "prepublishOnly": "git push origin --follow-tags",
-    "postlint": "npm-template-check"
+    "postlint": "npm-template-check",
+    "template-copy": "npm-template-copy --force"
   },
@@ -57,4 +62,4 @@ "tap": {
   "templateOSS": {
-    "version": "2.4.3"
+    "version": "2.9.2"
   }
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

No repository

Supply chain risk

Package does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

11028

increased by1.11%

Number of low supply chain risk alerts

0

decreased by-100%

Number of medium supply chain risk alerts

0

decreased by-100%

No dependency changes