mehdown - npm Package Compare versions
Comparing version 2.27.1 to 2.27.2
| { | ||
| "dependencies": { | ||
| "async": "2.1.x", | ||
| "cowsay": "mediocre/cowsay", | ||
| "async": "2.4.x", | ||
| "cowsay": "git://github.com/mediocre/cowsay.git", | ||
| "emojione": "2.2.7", | ||
@@ -9,3 +9,3 @@ "flip": "1.0.x", | ||
| "lolspeak": "1.4.x", | ||
| "lunr": "1.0.x", | ||
| "lunr": "2.1.x", | ||
| "markdown-it": "8.3.x", | ||
@@ -27,3 +27,5 @@ "minimist": "1.2.x", | ||
| }, | ||
| "keywords": ["markdown"], | ||
| "keywords": [ | ||
| "markdown" | ||
| ], | ||
| "main": "./lib", | ||
@@ -36,3 +38,3 @@ "name": "mehdown", | ||
| }, | ||
| "version": "2.27.1" | ||
| "version": "2.27.2" | ||
| } |
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Git dependency
Supply chain riskContains a dependency which resolves to a remote git URL. Dependencies fetched from git URLs are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
GitHub dependency
Supply chain riskContains a dependency which resolves to a GitHub URL. Dependencies fetched from GitHub specifiers are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.
Found 1 instance in 1 package
Manifest confusion
Supply chain riskThis package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.01%
577205
- Number of medium supply chain risk alerts
- decreased by-50%
1
Dependency changes
+ Addedasync@2.4.1(transitive)
+ Addedlunr@2.1.6(transitive)
- Removedasync@2.1.5(transitive)
- Removedlunr@1.0.0(transitive)
Updatedasync@2.4.x
Updatedlunr@2.1.x