melody-compiler - npm Package Compare versions

Comparing version 1.5.0 to 1.5.1-ed89a02.5

package.json

 {
   "name": "melody-compiler",
-  "version": "1.5.0",
+  "version": "1.5.1-ed89a02.5+ed89a02",
   "description": "",
@@ -17,3 +17,3 @@ "main": "./lib/index.js",
     "lodash": "^4.12.0",
-    "melody-code-frame": "^1.5.0",
+    "melody-code-frame": "1.5.1-ed89a02.5+ed89a02",
     "random-seed": "^0.3.0"
@@ -29,6 +29,6 @@ },
   "devDependencies": {
-    "melody-extension-core": "^1.5.0",
-    "melody-plugin-idom": "^1.5.0"
+    "melody-extension-core": "1.5.1-ed89a02.5+ed89a02",
+    "melody-plugin-idom": "1.5.1-ed89a02.5+ed89a02"
   },
-  "gitHead": "6730ddfaafc4f3a69de46806f8a2d050821c5bb0"
+  "gitHead": "ed89a02b07f9019a14fe422ce58ec3a9d8cbea83"
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Manifest confusion

Supply chain risk

This package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

211221

increased by0.03%

Worsened metrics

Number of low quality alerts

2

increased by100%

Number of medium supply chain risk alerts

2

increased byInfinity%

Dependency changes

• Updatedmelody-code-frame@1.5.1-ed89a02.5+ed89a02