npmnext-sample - npm Package Compare versions

Comparing version 1.0.0 to 1.0.1-dev.ae0a70050

package.json

 {
-  "name": "npmnext-sample",
-  "version": "1.0.0",
-  "description": "",
-  "main": "index.js",
-  "scripts": {
-    "build": "copy-and-watch src/**/*.js dist",
-    "watch": "copy-and-watch --watch src/**/*.js dist",
-    "prepublishOnly": "npm run build"
-  },
-  "author": "",
-  "license": "ISC",
-  "devDependencies": {
-    "copy-and-watch": "^0.1.4"
-  }
-}
+    "name": "npmnext-sample",
+    "version": "1.0.1-dev.ae0a70050",
+    "description": "",
+    "main": "index.js",
+    "bin": {
+        "publish-release": "./publish-release.js"
+    },
+    "repository": {
+        "type": "git",
+        "url": "git+https://github.com/ilhan007/npmnext-sample.git"
+    },
+    "scripts": {
+        "build": "copy-and-watch src/**/*.js dist",
+        "watch": "copy-and-watch --watch src/**/*.js dist",
+        "prepublishOnly": "npm run build"
+    },
+    "author": "",
+    "license": "ISC",
+    "devDependencies": {
+        "copy-and-watch": "^0.1.4"
+    }
+}

src/Field.js

@@ -1,3 +0,7 @@
-/*
-* Field webcomponent
+/**
+* Field webcomponent, wrapping a native input.
+* @since 1.0.0
+* @class
+* @public
+* @tagname my-field
 */
@@ -4,0 +8,0 @@ class Field extends HTMLElement {

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

No repository

Supply chain risk

Package does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

2483

increased by146.09%

Number of package files

5

increased by66.67%

Lines of code

37

increased by94.74%

Worsened metrics

Number of low quality alerts

2

increased by100%

Number of low supply chain risk alerts

2

increased by100%

Number of medium supply chain risk alerts

1

increased byInfinity%

No dependency changes