nightframe - npm Package Compare versions

Comparing version 0.0.1 to 0.0.2

package.json

 {
   "name": "nightframe",
-  "version": "0.0.1",
-  "description": "",
-  "main": "index.js",
+  "version": "0.0.2",
+  "description": "A small Node.js web application framework built on top of Express",
+  "author": {
+    "name": "Pine View Software AS",
+    "email": "hello@pineview.io"
+  },
+  "contributors": [
+    "Andrei Rusu <andrei@pineview.io>",
+    "Oana Botezat <oana@pineview.io>"
+  ],
+  "bugs": "https://github.com/pineviewlabs/nightframe/issues",
+  "repository": {
+    "type": "git",
+    "url": "git@github.com:pineviewlabs/nightframe.git"
+  },
+  "main": "./lib/index.js",
+  "bin": {
+    "nightframe": "./bin/nightframe.js"
+  },
   "scripts": {
-    "test": "echo \"Error: no test specified\" && exit 1"
+    "eslint": "eslint .",
+    "test": "cd test/ && mocha src --recursive && cd .."
   },
-  "author": "",
-  "license": "MIT"
+  "license": "MIT",
+  "engines": {
+    "node": ">= 8.0.0"
+  },
+  "keywords": [
+    "node.js",
+    "express.js"
+  ],
+  "files": [
+    "bin",
+    "lib",
+    "util",
+    "README.md",
+    "LICENSE.md",
+    "index.js"
+  ],
+  "devDependencies": {
+    "eslint": "^4.17.0",
+    "mocha": "^7.0.0"
+  },
+  "dependencies": {
+    "body-parser": "^1.19.0",
+    "chalk": "^4.1.0",
+    "cookie-parser": "^1.4.5",
+    "dotenv": "^8.2.0",
+    "envinfo": "^7.7.3",
+    "express": "^4.17.1",
+    "helmet": "^4.1.1",
+    "http-errors": "^1.8.0",
+    "lodash.defaultsdeep": "^4.6.1",
+    "lodash.merge": "^4.6.2",
+    "minimist": "^1.2.5",
+    "mkdirp": "^1.0.4",
+    "morgan": "^1.10.0",
+    "uuid": "^8.3.0",
+    "winston": "^3.3.3"
+  }
 }

New alerts

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Network access

Supply chain risk

This module accesses the network.

Found 2 instances in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 4 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

Empty package

Supply chain risk

Package does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.

Found 1 instance in 1 package

No README

Quality

Package does not have a README. This may indicate a failed publish or a low quality package.

Found 1 instance in 1 package

No contributors or author data

Maintenance

Package does not specify a list of contributors or an author in package.json.

Found 1 instance in 1 package

No bug tracker

Maintenance

Package does not have a linked bug tracker in package.json.

Found 1 instance in 1 package

No repository

Supply chain risk

Package does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.

Found 1 instance in 1 package

No tests

Quality

Package does not have any tests. This is a strong signal of a poorly maintained or low quality package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

46158

increased by22306.8%

Number of package files

17

increased by1600%

Lines of code

1428

increased byInfinity%

Number of low maintenance alerts

1

decreased by-50%

Number of low quality alerts

2

decreased by-33.33%

Number of medium quality alerts

1

decreased by-50%

Number of lines in readme file

3

increased byInfinity%

Worsened metrics

Dependency count

15

increased byInfinity%

Dev dependency count

2

increased byInfinity%

Number of low supply chain risk alerts

19

increased by1800%

Number of medium supply chain risk alerts

4

increased by300%

Dependency changes

• + Addedbody-parser@^1.19.0

• + Addedchalk@^4.1.0

• + Addedcookie-parser@^1.4.5

• + Addeddotenv@^8.2.0

• + Addedenvinfo@^7.7.3

• + Addedexpress@^4.17.1

• + Addedhelmet@^4.1.1

• + Addedhttp-errors@^1.8.0

• + Addedlodash.defaultsdeep@^4.6.1

• + Addedlodash.merge@^4.6.2

• + Addedminimist@^1.2.5

• + Addedmkdirp@^1.0.4

• + Addedmorgan@^1.10.0

• + Addeduuid@^8.3.0

• + Addedwinston@^3.3.3

• + Added@colors/colors@1.6.0(transitive)

• + Added@dabh/diagnostics@2.0.3(transitive)

• + Added@types/triple-beam@1.3.5(transitive)

• + Addedaccepts@1.3.8(transitive)

• + Addedansi-styles@4.3.0(transitive)

• + Addedarray-flatten@1.1.1(transitive)

• + Addedasync@3.2.6(transitive)

• + Addedbasic-auth@2.0.1(transitive)

• + Addedbody-parser@1.20.3(transitive)

• + Addedbytes@3.1.2(transitive)

• + Addedcall-bind-apply-helpers@1.0.2(transitive)

• + Addedcall-bound@1.0.3(transitive)

• + Addedchalk@4.1.2(transitive)

• + Addedcolor@3.2.1(transitive)

• + Addedcolor-convert@1.9.32.0.1(transitive)

• + Addedcolor-name@1.1.31.1.4(transitive)

• + Addedcolor-string@1.9.1(transitive)

• + Addedcolorspace@1.1.4(transitive)

• + Addedcontent-disposition@0.5.4(transitive)

• + Addedcontent-type@1.0.5(transitive)

• + Addedcookie@0.7.10.7.2(transitive)

• + Addedcookie-parser@1.4.7(transitive)

• + Addedcookie-signature@1.0.6(transitive)

• + Addeddebug@2.6.9(transitive)

• + Addeddepd@1.1.22.0.0(transitive)

• + Addeddestroy@1.2.0(transitive)

• + Addeddotenv@8.6.0(transitive)

• + Addeddunder-proto@1.0.1(transitive)

• + Addedee-first@1.1.1(transitive)

• + Addedenabled@2.0.0(transitive)

• + Addedencodeurl@1.0.22.0.0(transitive)

• + Addedenvinfo@7.14.0(transitive)

• + Addedes-define-property@1.0.1(transitive)

• + Addedes-errors@1.3.0(transitive)

• + Addedes-object-atoms@1.1.1(transitive)

• + Addedescape-html@1.0.3(transitive)

• + Addedetag@1.8.1(transitive)

• + Addedexpress@4.21.2(transitive)

• + Addedfecha@4.2.3(transitive)

• + Addedfinalhandler@1.3.1(transitive)

• + Addedfn.name@1.1.0(transitive)

• + Addedforwarded@0.2.0(transitive)

• + Addedfresh@0.5.2(transitive)

• + Addedfunction-bind@1.1.2(transitive)

• + Addedget-intrinsic@1.2.7(transitive)

• + Addedget-proto@1.0.1(transitive)

• + Addedgopd@1.2.0(transitive)

• + Addedhas-flag@4.0.0(transitive)

• + Addedhas-symbols@1.1.0(transitive)

• + Addedhasown@2.0.2(transitive)

• + Addedhelmet@4.6.0(transitive)

• + Addedhttp-errors@1.8.12.0.0(transitive)

• + Addediconv-lite@0.4.24(transitive)

• + Addedinherits@2.0.4(transitive)

• + Addedipaddr.js@1.9.1(transitive)

• + Addedis-arrayish@0.3.2(transitive)

• + Addedis-stream@2.0.1(transitive)

• + Addedkuler@2.0.0(transitive)

• + Addedlodash.defaultsdeep@4.6.1(transitive)

• + Addedlodash.merge@4.6.2(transitive)

• + Addedlogform@2.7.0(transitive)

• + Addedmath-intrinsics@1.1.0(transitive)

• + Addedmedia-typer@0.3.0(transitive)

• + Addedmerge-descriptors@1.0.3(transitive)

• + Addedmethods@1.1.2(transitive)

• + Addedmime@1.6.0(transitive)

• + Addedmime-db@1.52.0(transitive)

• + Addedmime-types@2.1.35(transitive)

• + Addedminimist@1.2.8(transitive)

• + Addedmkdirp@1.0.4(transitive)

• + Addedmorgan@1.10.0(transitive)

• + Addedms@2.0.02.1.3(transitive)

• + Addednegotiator@0.6.3(transitive)

• + Addedobject-inspect@1.13.4(transitive)

• + Addedon-finished@2.3.02.4.1(transitive)

• + Addedon-headers@1.0.2(transitive)

• + Addedone-time@1.0.0(transitive)

• + Addedparseurl@1.3.3(transitive)

• + Addedpath-to-regexp@0.1.12(transitive)

• + Addedproxy-addr@2.0.7(transitive)

• + Addedqs@6.13.0(transitive)

• + Addedrange-parser@1.2.1(transitive)

• + Addedraw-body@2.5.2(transitive)

• + Addedreadable-stream@3.6.2(transitive)

• + Addedsafe-buffer@5.1.25.2.1(transitive)

• + Addedsafe-stable-stringify@2.5.0(transitive)

• + Addedsafer-buffer@2.1.2(transitive)

• + Addedsend@0.19.0(transitive)

• + Addedserve-static@1.16.2(transitive)

• + Addedsetprototypeof@1.2.0(transitive)

• + Addedside-channel@1.1.0(transitive)

• + Addedside-channel-list@1.0.0(transitive)

• + Addedside-channel-map@1.0.1(transitive)

• + Addedside-channel-weakmap@1.0.2(transitive)

• + Addedsimple-swizzle@0.2.2(transitive)

• + Addedstack-trace@0.0.10(transitive)

• + Addedstatuses@1.5.02.0.1(transitive)

• + Addedstring_decoder@1.3.0(transitive)

• + Addedsupports-color@7.2.0(transitive)

• + Addedtext-hex@1.0.0(transitive)

• + Addedtoidentifier@1.0.1(transitive)

• + Addedtriple-beam@1.4.1(transitive)

• + Addedtype-is@1.6.18(transitive)

• + Addedunpipe@1.0.0(transitive)

• + Addedutil-deprecate@1.0.2(transitive)

• + Addedutils-merge@1.0.1(transitive)

• + Addeduuid@8.3.2(transitive)

• + Addedvary@1.1.2(transitive)

• + Addedwinston@3.17.0(transitive)

• + Addedwinston-transport@4.9.0(transitive)