libsodium-neon - npm Package Compare versions

Comparing version 2.1.0 to 2.1.1-autobuild

package.json

 {
   "dependencies": {
-    "neon-cli": "0.1.17"
+    "neon-cli": "0.1.20"
   },
-  "description": "Node.js bindings to sodiumoxide.",
+  "description": "Node.js bindings to rust_sodium.",
   "devDependencies": {
-    "eslint": "3.17.1",
-    "jasmine": "2.5.3",
-    "libsodium-wrappers-sumo": "0.4.9"
+    "cross-env": "5.0.5",
+    "eslint": "4.7.2",
+    "jasmine": "2.8.0",
+    "libsodium-wrappers-sumo": "0.5.4"
   },
@@ -20,5 +21,7 @@ "license": "GPL-3.0",
     "lint": "eslint .",
-    "test": "jasmine test"
+    "build": "neon build",
+    "postinstall": "neon build || echo \"Warning: could not install libsodium-neon.\"",
+    "test": "cross-env JASMINE_CONFIG_PATH=test/support/jasmine.json jasmine"
   },
-  "version": "2.1.0"
+  "version": "2.1.1-autobuild"
 }

README.md

@@ -24,4 +24,4 @@ # Wire
 - [Node.js](https://nodejs.org/)
-- Rust (use [rustup](https://rustup.rs/))
-- [Neon](https://github.com/neon-bindings/neon)
+- [Rust](https://www.rust-lang.org/install.html)
+- For Windows also [windows-build-tools](https://www.npmjs.com/package/windows-build-tools)
 
@@ -37,9 +37,9 @@
 
-Afterwards you need to build the project:
+Afterwards you can build the project:
 
 ```bash
-neon build
+npm run build
 ```
 
-To test it with node, run:
+To test the native module, run:
 
@@ -46,0 +46,0 @@ ```bash

New alerts

Install scripts

Supply chain risk

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Fixed alerts

Deprecated

Maintenance

The maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

94333

increased by52.2%

Number of high maintenance alerts

0

decreased by-100%

Number of low supply chain risk alerts

1

decreased by-66.67%

Worsened metrics

Dev dependency count

4

increased by33.33%

Number of package files

17

decreased by-19.05%

Lines of code

78

decreased by-64.71%

Number of low quality alerts

2

increased by100%

Number of high supply chain risk alerts

1

increased byInfinity%

Dependency changes

• + Addedneon-cli@0.1.20(transitive)

• - Removedneon-cli@0.1.17(transitive)

• Updatedneon-cli@0.1.20