npm-package-arg
Advanced tools
Comparing version 9.0.0 to 9.0.1
{ | ||
"name": "npm-package-arg", | ||
"version": "9.0.0", | ||
"version": "9.0.1", | ||
"description": "Parse the things that can be arguments to `npm install`", | ||
@@ -14,3 +14,3 @@ "main": "./lib/npa.js", | ||
"dependencies": { | ||
"hosted-git-info": "^4.1.0", | ||
"hosted-git-info": "^5.0.0", | ||
"semver": "^7.3.5", | ||
@@ -20,3 +20,3 @@ "validate-npm-package-name": "^3.0.0" | ||
"devDependencies": { | ||
"@npmcli/template-oss": "^2.7.1", | ||
"@npmcli/template-oss": "^2.9.2", | ||
"tap": "^15.1.6" | ||
@@ -55,4 +55,4 @@ }, | ||
"templateOSS": { | ||
"version": "2.7.1" | ||
"version": "2.9.2" | ||
} | ||
} |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
0
+ Addedhosted-git-info@5.2.1(transitive)
+ Addedlru-cache@7.18.3(transitive)
- Removedhosted-git-info@4.1.0(transitive)
- Removedlru-cache@6.0.0(transitive)
- Removedyallist@4.0.0(transitive)
Updatedhosted-git-info@^5.0.0