onsenui - npm Package Compare versions

Comparing version 0.6.0 to 0.7.1

package.json

 {
   "name": "onsenui",
-  "version": "0.6.0",
+  "version": "0.7.1",
+  "private": false,
+  "author": "@kruyvanna",
   "devDependencies": {
@@ -11,4 +13,5 @@ "grunt": "~0.4.1",
     "grunt-contrib-concat": "~0.3.0",
-    "grunt-contrib-watch": "~0.5.3"
+    "grunt-contrib-watch": "~0.5.3",
+    "grunt-html2js": "~0.2.3"
   }
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Native code

Supply chain risk

Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.

Found 16 instances in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

No contributors or author data

Maintenance

Package does not specify a list of contributors or an author in package.json.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

4283340

increased by75.81%

Number of package files

52

increased by15.56%

Lines of code

55922

increased by2.79%

Number of low maintenance alerts

1

decreased by-50%

Worsened metrics

Dev dependency count

8

increased by14.29%

Number of medium supply chain risk alerts

21

increased by250%

No dependency changes