npm-latest - npm Package Compare versions

Comparing version 1.0.2 to 2.0.0

package.json

 {
   "name": "npm-latest",
-  "version": "1.0.2",
+  "version": "2.0.0",
   "description": "Quickly find the latest version of a package in npm.",
@@ -17,24 +17,20 @@ "homepage": "https://github.com/jprichardson/npm-latest.git",
   "license": "MIT",
-  "main": "./lib/npm-latest.js",
   "dependencies": {
-    "colors": "0.6.x",
-    "registry-url": "^3.0.0",
-    "request": "^2.54.0",
-    "vcsurl": "~0.1.1"
+    "colors": "1.3.3",
+    "vcsurl": "0.1.1"
   },
   "devDepdencies": {},
   "bin": {
-    "npm-latest": "./bin/cli.js"
+    "npm-latest": "./cli.js"
   },
   "devDependencies": {
-    "mocha": "^2.2.1",
-    "standard": "^3.3.1"
+    "mocha": "^6.1.4"
   },
   "scripts": {
-    "test": "standard && mocha"
+    "test": "mocha"
   },
   "files": [
-    "lib",
-    "bin"
+    "index.js",
+    "cli.js"
   ]
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Improved metrics

Dependency count

2

decreased by-50%

Dev dependency count

1

decreased by-50%

Number of low supply chain risk alerts

0

decreased by-100%

Worsened metrics

Total package byte prevSize

6946

decreased by-9.44%

Lines of code

94

decreased by-12.96%

Number of medium supply chain risk alerts

3

increased byInfinity%

Dependency changes

• + Addedcolors@1.3.3(transitive)

• - Removedregistry-url@^3.0.0

• - Removedrequest@^2.54.0

• - Removedajv@6.12.6(transitive)

• - Removedasn1@0.2.6(transitive)

• - Removedassert-plus@1.0.0(transitive)

• - Removedasynckit@0.4.0(transitive)

• - Removedaws-sign2@0.7.0(transitive)

• - Removedaws4@1.13.2(transitive)

• - Removedbcrypt-pbkdf@1.0.2(transitive)

• - Removedcaseless@0.12.0(transitive)

• - Removedcolors@0.6.2(transitive)

• - Removedcombined-stream@1.0.8(transitive)

• - Removedcore-util-is@1.0.2(transitive)

• - Removeddashdash@1.14.1(transitive)

• - Removeddeep-extend@0.6.0(transitive)

• - Removeddelayed-stream@1.0.0(transitive)

• - Removedecc-jsbn@0.1.2(transitive)

• - Removedextend@3.0.2(transitive)

• - Removedextsprintf@1.3.0(transitive)

• - Removedfast-deep-equal@3.1.3(transitive)

• - Removedfast-json-stable-stringify@2.1.0(transitive)

• - Removedforever-agent@0.6.1(transitive)

• - Removedform-data@2.3.3(transitive)

• - Removedgetpass@0.1.7(transitive)

• - Removedhar-schema@2.0.0(transitive)

• - Removedhar-validator@5.1.5(transitive)

• - Removedhttp-signature@1.2.0(transitive)

• - Removedini@1.3.8(transitive)

• - Removedis-typedarray@1.0.0(transitive)

• - Removedisstream@0.1.2(transitive)

• - Removedjsbn@0.1.1(transitive)

• - Removedjson-schema@0.4.0(transitive)

• - Removedjson-schema-traverse@0.4.1(transitive)

• - Removedjson-stringify-safe@5.0.1(transitive)

• - Removedjsprim@1.4.2(transitive)

• - Removedmime-db@1.52.0(transitive)

• - Removedmime-types@2.1.35(transitive)

• - Removedminimist@1.2.8(transitive)

• - Removedoauth-sign@0.9.0(transitive)

• - Removedperformance-now@2.1.0(transitive)

• - Removedpsl@1.10.0(transitive)

• - Removedpunycode@2.3.1(transitive)

• - Removedqs@6.5.3(transitive)

• - Removedrc@1.2.8(transitive)

• - Removedregistry-url@3.1.0(transitive)

• - Removedrequest@2.88.2(transitive)

• - Removedsafe-buffer@5.2.1(transitive)

• - Removedsafer-buffer@2.1.2(transitive)

• - Removedsshpk@1.18.0(transitive)

• - Removedstrip-json-comments@2.0.1(transitive)

• - Removedtough-cookie@2.5.0(transitive)

• - Removedtunnel-agent@0.6.0(transitive)

• - Removedtweetnacl@0.14.5(transitive)

• - Removeduri-js@4.4.1(transitive)

• - Removeduuid@3.4.0(transitive)

• - Removedverror@1.10.0(transitive)

• Updatedcolors@1.3.3

• Updatedvcsurl@0.1.1