npm-package-arg
Advanced tools
Comparing version 8.1.1 to 8.1.2
{ | ||
"name": "npm-package-arg", | ||
"version": "8.1.1", | ||
"version": "8.1.2", | ||
"description": "Parse the things that can be arguments to `npm install`", | ||
@@ -13,8 +13,8 @@ "main": "npa.js", | ||
"dependencies": { | ||
"hosted-git-info": "^3.0.6", | ||
"semver": "^7.0.0", | ||
"hosted-git-info": "^4.0.1", | ||
"semver": "^7.3.4", | ||
"validate-npm-package-name": "^3.0.0" | ||
}, | ||
"devDependencies": { | ||
"tap": "^14.10.2" | ||
"tap": "^14.11.0" | ||
}, | ||
@@ -21,0 +21,0 @@ "scripts": { |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
+ Addedhosted-git-info@4.1.0(transitive)
- Removedhosted-git-info@3.0.8(transitive)
Updatedhosted-git-info@^4.0.1
Updatedsemver@^7.3.4