nuclide-prebuilt-libs - npm Package Compare versions

Comparing version 0.0.6 to 0.0.7

fuzzy-native/package.json

 {
   "name": "fuzzy-native",
-  "version": "0.6.3",
+  "version": "0.6.4",
   "description": "Native C++ implementation of a fuzzy string matcher.",
@@ -5,0 +5,0 @@ "main": "lib/main.js",

package.json

 {
   "name": "nuclide-prebuilt-libs",
   "description": "Nuclide's binary dependencies prebuilt for various platforms",
-  "version": "0.0.6",
+  "version": "0.0.7",
   "keywords": [],
@@ -6,0 +6,0 @@ "homepage": "https://nuclide.io/",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Native code

Supply chain risk

Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.

Found 8 instances in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Native code

Supply chain risk

Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.

Found 7 instances in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

6586774

increased by1.08%

Number of package files

46

increased by2.22%

Number of medium supply chain risk alerts

27

decreased by-3.57%

No dependency changes