natty-db - npm Package Compare versions

Comparing version 0.0.0 to 0.1.0

package.json

 {
   "name": "natty-db",
-  "version": "0.0.0",
-  "description": "A natty little data fetching tool for mobile project based on React that no longer needs to use zepto's ajax.",
-  "main": "dist/natty-db.js",
+  "version": "0.1.0",
+  "description": "An awesome natty little data fetching tool for mobile project that no longer needs to use zepto. ",
+  "repository": "https://github.com/Jias/natty-db.git",
+  "author": "gnosaij",
+  "main": "src/index.js",
+  "files": [
+    "dist",
+    "src",
+    "README.md",
+    "LICENSE"
+  ],
+  "keywords": [
+    "data, database, db, mobile-db, ajax, mobile-ajax, get, post, jsonp, query"
+  ],
+  "dependencies": {
+    "rsvp": "~3.1.0"
+  },
+  "devDependencies": {
+    "babel-loader": "^5.1.3",
+    "browser-sync": "~2.9.6",
+    "del": "^2.0.1",
+    "expect.js": "~0.3.1",
+    "express": "^4.13.3",
+    "gulp": "^3.9.0",
+    "gulp-rename": "^1.2.2",
+    "gulp-sourcemaps": "^1.5.2",
+    "gulp-uglify": "^1.4.0",
+    "mocha": "^2.3.0",
+    "mocha-loader": "~0.7.1",
+    "webpack-stream": "^2.1.0"
+  },
   "scripts": {
-    "test": "echo \"Error: no test specified\" && exit 1"
+    "server": "node server/server.js",
+    "start": "gulp watch",
+    "build": "gulp pack && gulp min"
   },
-  "author": "gnosaij",
   "license": "MIT"
 }

New alerts

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Fixed alerts

Empty package

Supply chain risk

Package does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.

Found 1 instance in 1 package

No README

Quality

Package does not have a README. This may indicate a failed publish or a low quality package.

Found 1 instance in 1 package

No repository

Supply chain risk

Package does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.

Found 1 instance in 1 package

No tests

Quality

Package does not have any tests. This is a strong signal of a poorly maintained or low quality package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

209898

increased by63893.29%

Number of package files

12

increased by1100%

Lines of code

2889

increased byInfinity%

Number of low quality alerts

2

decreased by-33.33%

Number of medium quality alerts

1

decreased by-50%

Number of lines in readme file

114

increased byInfinity%

Worsened metrics

Dependency count

1

increased byInfinity%

Dev dependency count

12

increased byInfinity%

Number of medium supply chain risk alerts

4

increased by300%

Dependency changes

• + Addedrsvp@~3.1.0

• + Addedrsvp@3.1.0(transitive)