npm-profile - npm Package Compare versions

Comparing version 4.0.0 to 4.0.1

CHANGELOG.md

@@ -0,1 +1,6 @@
+# v4.0.1 (2018-08-29)
+
+- `opts.password` needs to be base64-encoded when passed in for login
+- Bump `npm-registry-fetch` dep because we depend on `opts.forceAuth`
+
 # v4.0.0 (2018-08-28)
@@ -2,0 +7,0 @@

index.js

@@ -198,3 +198,3 @@ 'use strict'
           username,
-          password,
+          password: Buffer.from(password, 'utf8').toString('base64'),
           otp: opts.otp
@@ -201,0 +201,0 @@ }

package.json

 {
   "name": "npm-profile",
-  "version": "4.0.0",
+  "version": "4.0.1",
   "description": "Library for updating an npmjs.com profile",
@@ -11,3 +11,3 @@ "keywords": [],
     "figgy-pudding": "^3.4.1",
-    "npm-registry-fetch": "^3.3.0"
+    "npm-registry-fetch": "^3.8.0"
   },
@@ -14,0 +14,0 @@ "main": "index.js",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

29446

increased by0.73%

Number of medium supply chain risk alerts

11

decreased by-15.38%

Dependency changes

• Updatednpm-registry-fetch@^3.8.0