lws - npm Package Compare versions

Comparing version 4.0.0-2 to 4.0.0

package.json

 {
   "name": "lws",
   "author": "Lloyd Brookes <75pound@gmail.com>",
-  "version": "4.0.0-2",
+  "version": "4.0.0",
   "description": "A lean, modular web server for rapid full-stack development",
@@ -11,5 +11,7 @@ "repository": "https://github.com/lwsjs/lws.git",
   },
-  "main": "./index.mjs",
   "exports": {
-    ".": "./index.mjs",
+    ".": {
+      "import": "./index.mjs",
+      "require": "./dist/index.cjs"
+    },
     "./*": "./*"
@@ -32,5 +34,6 @@ },
   "scripts": {
-    "test": "test-runner test/*.mjs test/internals/*.mjs",
+    "test": "test-runner test/*.?js test/internals/*.mjs",
     "cover": "TESTOPEN=true c8 -r html -r text npm test && c8 report --reporter=text-lcov | coveralls",
-    "docs": "jsdoc2md -c jsdoc.conf lib/middleware-plugin.mjs > doc/middleware-plugin.md && jsdoc2md -c jsdoc.conf --private index.mjs > doc/lws.md && jsdoc2md -c jsdoc.conf lib/view/view-plugin.mjs > doc/view-plugin.md && jsdoc2md -c jsdoc.conf lib/config.mjs > doc/config.md"
+    "docs": "jsdoc2md -c jsdoc.conf lib/middleware-plugin.mjs > doc/middleware-plugin.md && jsdoc2md -c jsdoc.conf --private index.mjs > doc/lws.md && jsdoc2md -c jsdoc.conf lib/view/view-plugin.mjs > doc/view-plugin.md && jsdoc2md -c jsdoc.conf lib/config.mjs > doc/config.md",
+    "dist": "rollup -c"
   },
@@ -41,16 +44,17 @@ "files": [
     "lib",
-    "bin"
+    "bin",
+    "dist"
   ],
   "dependencies": {
     "@75lb/deep-merge": "^1.0.0",
-    "ansi-escape-sequences": "^6.0.1",
-    "array-back": "^6.0.1",
-    "byte-size": "^7.0.1",
+    "ansi-escape-sequences": "^6.1.0",
+    "array-back": "^6.1.2",
+    "byte-size": "^8.0.0",
     "command-line-args": "^5.1.1",
     "command-line-usage": "^6.1.1",
     "create-mixin": "^3.0.0",
-    "current-module-paths": "^0.1.0",
+    "current-module-paths": "^1.0.0",
     "koa": "^2.13.1",
     "load-module": "^4.0.1",
-    "open": "^8.2.0",
+    "open": "^8.2.1",
     "qrcode-terminal": "^0.12.0",
@@ -61,9 +65,13 @@ "typical": "^7.0.0",
   "devDependencies": {
-    "c8": "^7.7.2",
-    "coveralls": "^3.1.0",
+    "@rollup/plugin-commonjs": "^19.0.0",
+    "@rollup/plugin-json": "^4.1.0",
+    "@rollup/plugin-node-resolve": "^13.0.0",
+    "c8": "^7.7.3",
+    "coveralls": "^3.1.1",
     "jsdoc-to-markdown": "^7.0.1",
     "lws-static": "^2.0.0",
     "node-fetch": "^2.6.1",
+    "rollup": "^2.52.7",
     "sleep-anywhere": "^1.1.3",
-    "test-runner": "^0.9.2"
+    "test-runner": "^0.9.6"
   },
@@ -70,0 +78,0 @@ "contributors": [

README.md

@@ -5,3 +5,3 @@ [![view on npm](https://badgen.net/npm/v/lws)](https://www.npmjs.org/package/lws)
 [![Gihub package dependents](https://badgen.net/github/dependents-pkg/lwsjs/lws)](https://github.com/lwsjs/lws/network/dependents?dependent_type=PACKAGE)
-[![Build Status](https://travis-ci.org/lwsjs/lws.svg?branch=master)](https://travis-ci.org/lwsjs/lws)
+[![Node.js CI](https://github.com/lwsjs/lws/actions/workflows/node.js.yml/badge.svg)](https://github.com/lwsjs/lws/actions/workflows/node.js.yml)
 [![Coverage Status](https://coveralls.io/repos/github/lwsjs/lws/badge.svg)](https://coveralls.io/github/lwsjs/lws)
@@ -79,3 +79,3 @@ [![js-standard-style](https://img.shields.io/badge/code%20style-standard-brightgreen.svg)](https://github.com/feross/standard)
 
-module.exports = ExamplePlugin
+export default ExamplePlugin
 ```
@@ -82,0 +82,0 @@

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 2 instances in 1 package

Debug access

Supply chain risk

Uses debug, reflection and dynamic code execution features.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 6 instances in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

546436

increased by444.85%

Number of package files

22

increased by4.76%

Lines of code

22094

increased by1817.88%

Number of low quality alerts

1

decreased by-50%

Worsened metrics

Dev dependency count

11

increased by57.14%

Number of low supply chain risk alerts

24

increased by500%

Number of medium supply chain risk alerts

13

increased by225%

Dependency changes

• + Addedbyte-size@8.2.1(transitive)

• + Addedcurrent-module-paths@1.1.2(transitive)

• - Removedbyte-size@7.0.1(transitive)

• - Removedcurrent-module-paths@0.1.0(transitive)

• Updatedansi-escape-sequences@^6.1.0

• Updatedarray-back@^6.1.2

• Updatedbyte-size@^8.0.0

• Updatedcurrent-module-paths@^1.0.0

• Updatedopen@^8.2.1