marklogic - npm Package Compare versions

Comparing version 2.9.0 to 2.9.1

package.json

@@ -6,3 +6,3 @@ {
   "homepage": "http://github.com/marklogic/node-client-api",
-  "version": "2.9.0",
+  "version": "2.9.1",
   "license": "Apache-2.0",
@@ -14,3 +14,4 @@ "main": "./lib/marklogic.js",
     "test:teardown": "node etc/test-teardown.js",
-    "test": "gulp test"
+    "test": "gulp test",
+    "preinstall": "([ ! -f package-lock.json ] && npm install --package-lock-only --ignore-scripts); yes | npx npm-force-resolutions"
   },
@@ -33,7 +34,7 @@ "keywords": [
     "deepcopy": "^2.1.0",
-    "dicer": "^0.3.0",
+    "dicer": "^0.3.1",
     "duplexify": "^4.1.2",
-    "json-text-sequence": "^0.3.0",
+    "json-text-sequence": "^1.0.1",
     "multipart-stream": "^2.0.1",
-    "qs": "^6.10.1",
+    "qs": "^6.11.0",
     "through2": "^4.0.2",
@@ -50,8 +51,8 @@ "www-authenticate": "^0.6.2"
   "devDependencies": {
-    "ajv": "^8.0.1",
+    "ajv": "^8.11.0",
     "ast-types": "^0.14.2",
-    "astring": "^1.7.0",
+    "astring": "^1.8.3",
     "bunyan": "^1.8.15",
-    "chai": "^4.3.4",
-    "core-util-is": "^1.0.2",
+    "chai": "^4.3.6",
+    "core-util-is": "^1.0.3",
     "gulp": "^4.0.2",
@@ -62,16 +63,21 @@ "gulp-jsdoc3": "^3.0.0",
     "intercept-stdout": "^0.1.2",
-    "jsdoc": "^3.6.6",
-    "jshint": "^2.12.0",
-    "mocha": "^8.4.0",
-    "moment": "^2.29.1",
+    "jsdoc": "^3.6.11",
+    "jshint": "^2.13.5",
+    "mocha": "^10.0.0",
+    "moment": "^2.29.4",
     "read": "^1.0.7",
-    "sanitize-html": "^2.3.3",
     "should": "^13.2.3",
     "stream-to-array": "^2.3.0",
-    "winston": "^3.3.3"
+    "winston": "^3.8.2"
   },
   "optionalDependencies": {
-    "kerberos": "^1.1.4",
-    "vinyl": "^2.2.1"
+    "kerberos": "^2.0.1",
+    "vinyl": "^3.0.0"
+  },
+  "resolutions": {
+    "glob-parent": "^6.0.2",
+    "nanoid": "^3.1.31",
+    "simple-get": "^4.0.1",
+    "sanitize-html": "^2.7.2"
   }
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Install scripts

Supply chain risk

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

NPM Shrinkwrap

Supply chain risk

Package contains a shrinkwrap file. This may allow the package to bypass normal install procedures.

Found 1 instance in 1 package

Improved metrics

Dev dependency count

19

decreased by-5%

Number of package files

86

increased by1.18%

Worsened metrics

Total package byte prevSize

2187854

decreased by-9.98%

Lines of code

29211

decreased by-18.53%

Dependency changes

• + Addedbare-events@2.5.0(transitive)

• + Addeddecompress-response@6.0.0(transitive)

• + Addeddetect-libc@2.0.3(transitive)

• + Addedfast-fifo@1.3.2(transitive)

• + Addedjson-text-sequence@1.0.1(transitive)

• + Addedkerberos@2.2.0(transitive)

• + Addedmimic-response@3.1.0(transitive)

• + Addednode-abi@3.71.0(transitive)

• + Addednode-addon-api@6.1.0(transitive)

• + Addedprebuild-install@7.1.2(transitive)

• + Addedqueue-tick@1.0.1(transitive)

• + Addedreplace-ext@2.0.0(transitive)

• + Addedsafe-buffer@5.2.1(transitive)

• + Addedsemver@7.6.3(transitive)

• + Addedsimple-get@4.0.1(transitive)

• + Addedstreamx@2.20.2(transitive)

• + Addedstring_decoder@1.3.0(transitive)

• + Addedteex@1.0.1(transitive)

• + Addedtext-decoder@1.2.1(transitive)

• + Addedvinyl@3.0.0(transitive)

• - Removedansi-regex@2.1.1(transitive)

• - Removedaproba@1.2.0(transitive)

• - Removedare-we-there-yet@1.1.7(transitive)

• - Removedclone-buffer@1.0.0(transitive)

• - Removedcloneable-readable@1.1.3(transitive)

• - Removedcode-point-at@1.1.0(transitive)

• - Removedconsole-control-strings@1.1.0(transitive)

• - Removedcore-util-is@1.0.3(transitive)

• - Removeddecompress-response@4.2.1(transitive)

• - Removeddelegates@1.0.0(transitive)

• - Removeddetect-libc@1.0.3(transitive)

• - Removedgauge@2.7.4(transitive)

• - Removedhas-unicode@2.0.1(transitive)

• - Removedis-fullwidth-code-point@1.0.0(transitive)

• - Removedisarray@1.0.0(transitive)

• - Removedjson-text-sequence@0.3.0(transitive)

• - Removedkerberos@1.1.7(transitive)

• - Removedmimic-response@2.1.0(transitive)

• - Removednan@2.22.0(transitive)

• - Removednode-abi@2.30.1(transitive)

• - Removednoop-logger@0.1.1(transitive)

• - Removednpmlog@4.1.2(transitive)

• - Removednumber-is-nan@1.0.1(transitive)

• - Removedobject-assign@4.1.1(transitive)

• - Removedprebuild-install@6.1.2(transitive)

• - Removedprocess-nextick-args@2.0.1(transitive)

• - Removedreadable-stream@2.3.8(transitive)

• - Removedreplace-ext@1.0.1(transitive)

• - Removedsafe-buffer@5.1.2(transitive)

• - Removedsemver@5.7.2(transitive)

• - Removedset-blocking@2.0.0(transitive)

• - Removedsignal-exit@3.0.7(transitive)

• - Removedsimple-get@3.1.1(transitive)

• - Removedstring-width@1.0.2(transitive)

• - Removedstring_decoder@1.1.1(transitive)

• - Removedstrip-ansi@3.0.1(transitive)

• - Removedvinyl@2.2.1(transitive)

• - Removedwide-align@1.1.5(transitive)

• Updateddicer@^0.3.1

• Updatedjson-text-sequence@^1.0.1

• Updatedqs@^6.11.0