node-apex-api-security - npm Package Compare versions

Comparing version 1.0.5 to 1.0.6

CHANGELOG.md

@@ -6,2 +6,6 @@ # Change Log
 
+### V1.0.6
++ Fixed issue #34 by moving test suite data package to dev dependency. 
++ Bump node dependencies to latest 
+
 ### V1.0.5
@@ -8,0 +12,0 @@ + Fixed Bug on signature URL when appending with standard HTTP/HTTPS Port

package.json

 {
   "name": "node-apex-api-security",
-  "version": "1.0.5",
+  "version": "1.0.6",
   "description": "APEX API security utiity. Includes helper operations to generate HMAC-SHA256 and RSA-SHA256 signatures",
@@ -16,3 +16,2 @@ "main": "index.js",
     "querystring": "^0.2.0",
-    "test-suites-apex-api-security": "git+https://github.com/GovTechSG/test-suites-apex-api-security.git",
     "winston": "^2.4.4"
@@ -23,10 +22,11 @@ },
     "chai-as-promised": "^7.1.1",
-    "coveralls": "^3.0.2",
-    "eslint": "^5.10.0",
-    "eslint-plugin-import": "^2.14.0",
-    "eslint-plugin-node": "^8.0.0",
-    "eslint-plugin-promise": "^4.0.1",
+    "coveralls": "^3.0.3",
+    "eslint": "^5.16.0",
+    "eslint-plugin-import": "^2.17.2",
+    "eslint-plugin-node": "^8.0.1",
+    "eslint-plugin-promise": "^4.1.1",
     "eslint-plugin-security": "^1.4.0",
-    "mocha": "^5.2.0",
-    "nyc": "^13.1.0"
+    "mocha": "^6.1.3",
+    "test-suites-apex-api-security": "git+https://github.com/GovTechSG/test-suites-apex-api-security.git",
+    "nyc": "^14.0.0"
   },
@@ -33,0 +33,0 @@ "repository": {

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Native code

Supply chain risk

Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Git dependency

Supply chain risk

Contains a dependency which resolves to a remote git URL. Dependencies fetched from git URLs are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

38273

increased by19.58%

Dependency count

4

decreased by-20%

Number of package files

12

increased by9.09%

Number of high supply chain risk alerts

0

decreased by-100%

Worsened metrics

Dev dependency count

11

increased by10%

Number of medium supply chain risk alerts

1

increased byInfinity%

Dependency changes

• - Removedtest-suites-apex-api-security@git+https://github.com/GovTechSG/test-suites-apex-api-security.git