node-vk-bot-api-i18n - npm Package Compare versions

Comparing version 0.0.1-security to 1.0.0

package.json

 {
   "name": "node-vk-bot-api-i18n",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+  "version": "1.0.0",
+  "description": "I18n middleware for node-vk-bot-api",
+  "main": "lib/i18n.js",
+  "scripts": {
+    "test": "mocha test/i18n.test.js --exit --timeout 5000",
+    "eslint": "eslint ./",
+    "eslint:fix": "eslint ./ --fix"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/node-vk-bot-api/node-vk-bot-api-i18n.git"
+  },
+  "keywords": [
+    "vk",
+    "i18n",
+    "bot",
+    "node",
+    "bot",
+    "api"
+  ],
+  "author": "Mikhail Semin",
+  "license": "MIT",
+  "bugs": {
+    "url": "https://github.com/node-vk-bot-api/node-vk-bot-api-i18n/issues"
+  },
+  "homepage": "https://github.com/node-vk-bot-api/node-vk-bot-api-i18n#readme",
+  "devDependencies": {
+    "chai": "^4.1.2",
+    "eslint": "^4.19.1",
+    "eslint-config-airbnb-base": "^13.0.0",
+    "eslint-plugin-import": "^2.13.0",
+    "mocha": "^5.2.0",
+    "node-vk-bot-api": "^2.4.2",
+    "sinon": "^6.1.4"
+  }
 }

README.md

@@ -1,9 +0,82 @@
-# Security holding package
+[![node-vk-bot-api-i18n](https://img.shields.io/npm/v/node-vk-bot-api-i18n.svg?style=flat-square)](https://www.npmjs.com/package/node-vk-bot-api-i18n/)
+[![node-vk-bot-api-i18n](https://img.shields.io/badge/code%20style-standard-brightgreen.svg?style=flat-square)](http://standardjs.com/)
 
-This package name is not currently in use, but was formerly occupied
-by another package. To avoid malicious use, npm is hanging on to the
-package name, but loosely, and we'll probably give it to you if you
-want it.
+# node-vk-bot-api-i18n
 
-You may adopt this package by contacting support@npmjs.com and
-requesting the name.
+🇪🇺 I18n middleware for node-vk-bot-api.
+
+## Install
+
+```sh
+$ npm i node-vk-bot-api-i18n -S
+```
+
+## Tests
+
+Before you must set `TOKEN` and `GROUP_ID` in `process.env`.
+
+```sh
+$ npm test
+```
+
+## Usage
+
+```js
+const VkBot = require('node-vk-bot-api')
+const Session = require('node-vk-bot-api/lib/session')
+const I18n = require('node-vk-bot-api-i18n')
+const path = require('path')
+
+const bot = new VkBot({
+  token: process.env.TOKEN,
+  group_id: process.env.GROUP_ID
+})
+const session = new Session()
+const i18n = new I18n({
+  locales: ['en', 'ru'],
+  defaultLocale: 'en',
+  directory: path.join(__dirname, 'locales')
+})
+
+bot.use(session.middleware())
+bot.use(i18n.middleware())
+
+bot.command('/start', (ctx) => {
+  ctx.reply(ctx.i18n.__('start', {
+    name: 'Mikhail'
+  }))
+})
+
+bot.startPolling()
+```
+
+## API
+
+### Options
+
+* `locales`: Languages list
+* `defaultLocale`: Default language
+* `directory`: Absolute path to locales directory
+
+### Methods
+
+* `ctx.i18n.locale=`: Setter for locale
+* `ctx.i18n.locale`: Getter for locale
+* `ctx.i18n.__(key, [variables])`: Generate message from template
+
+### Locale file example
+
+All files must be store as json.
+
+```js
+{
+  "start": "Hello, %name%!",
+  "errors": {
+    "userNotFound": "User not found."
+  }
+}
+```
+
+## License
+
+MIT.

New alerts

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

Empty package

Supply chain risk

Package does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.

Found 1 instance in 1 package

No contributors or author data

Maintenance

Package does not specify a list of contributors or an author in package.json.

Found 1 instance in 1 package

No License Found

License

(Experimental) License information could not be found

Found 1 instance in 1 package

No tests

Quality

Package does not have any tests. This is a strong signal of a poorly maintained or low quality package.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

6863

increased by1329.79%

Number of package files

9

increased by350%

Number of low license alerts

0

decreased by-100%

Lines of code

148

increased byInfinity%

Number of low maintenance alerts

1

decreased by-50%

Number of low quality alerts

0

decreased by-100%

Number of lines in readme file

83

increased by730%

Worsened metrics

Dev dependency count

7

increased byInfinity%

Number of low supply chain risk alerts

2

increased byInfinity%

No dependency changes