nwjs-download
Advanced tools
Comparing version 1.4.1 to 1.4.2
@@ -24,3 +24,3 @@ | ||
| var Flow = require('node-flow'); | ||
| var Flow = require('@evshiron/node-flow'); | ||
@@ -27,0 +27,0 @@ var _require4 = require('./util'); |
@@ -38,3 +38,3 @@ | ||
| var Flow = require('node-flow'); | ||
| var Flow = require('@evshiron/node-flow'); | ||
@@ -41,0 +41,0 @@ var DIR_CACHES = join(homedir(), '.nwjs-download', 'caches'); |
| { | ||
| "name": "nwjs-download", | ||
| "version": "1.4.1", | ||
| "version": "1.4.2", | ||
| "description": "", | ||
@@ -29,2 +29,3 @@ "main": "./lib/index.js", | ||
| "dependencies": { | ||
| "@evshiron/node-flow": "^1.1.0", | ||
| "babel-polyfill": "^6.9.0", | ||
@@ -34,3 +35,2 @@ "commander": "^2.9.0", | ||
| "fs-extra": "^0.30.0", | ||
| "node-flow": "evshiron/node-flow", | ||
| "progress": "^1.1.8", | ||
@@ -37,0 +37,0 @@ "request": "^2.72.0", |
Fixed alerts
GitHub dependency
Supply chain riskContains a dependency which resolves to a GitHub URL. Dependencies fetched from GitHub specifiers are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.
Found 1 instance in 1 package
Manifest confusion
Supply chain riskThis package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.06%
30407
- Number of high supply chain risk alerts
- decreased by-100%
0
- Number of medium supply chain risk alerts
- decreased by-100%
0
Dependency changes
+ Added@evshiron/node-flow@^1.1.0
+ Added@evshiron/node-flow@1.2.0(transitive)
+ Addedansi-regex@2.1.1(transitive)
+ Addedansi-styles@2.2.1(transitive)
+ Addedchalk@1.1.3(transitive)
+ Addedescape-string-regexp@1.0.5(transitive)
+ Addedhas-ansi@2.0.0(transitive)
+ Addedstrip-ansi@3.0.1(transitive)
+ Addedsupports-color@2.0.0(transitive)
- Removednode-flow@evshiron/node-flow