melody-idom - npm Package Compare versions

Comparing version 1.5.1-ed89a02.5 to 1.6.0

package.json

 {
   "name": "melody-idom",
-  "version": "1.5.1-ed89a02.5+ed89a02",
+  "version": "1.6.0",
   "description": "",
@@ -17,3 +17,3 @@ "main": "./lib/index.js",
   },
-  "gitHead": "ed89a02b07f9019a14fe422ce58ec3a9d8cbea83"
+  "gitHead": "1d69e5a4480a400116355c11418f7a7df405c0a0"
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Manifest confusion

Supply chain risk

This package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Improved metrics

Number of low quality alerts

1

decreased by-50%

Number of medium supply chain risk alerts

0

decreased by-100%

Worsened metrics

Total package byte prevSize

285468

decreased by-0.01%

No dependency changes