photon
Advanced tools
Comparing version 2.0.1 to 2.1.0
@@ -0,1 +1,8 @@ | ||
| TBD | ||
| ================== | ||
| * Move source into [Calypso](https://github.com/Automattic/wp-calypso). | ||
| * Remove browser build from module. | ||
| * Include esm and commonjs in module. | ||
| 2.0.1 / 2017-11-08 | ||
@@ -2,0 +9,0 @@ ================== |
| { | ||
| "name": "photon", | ||
| "version": "2.0.1", | ||
| "description": "JavaScript library for the WordPress.com Photon image manipulation service", | ||
| "main": "index.js", | ||
| "scripts": { | ||
| "test": "mocha --reporter spec" | ||
| }, | ||
| "repository": { | ||
| "type": "git", | ||
| "url": "git://github.com/Automattic/photon.js.git" | ||
| }, | ||
| "keywords": [ | ||
| "wordpress", | ||
| "photon", | ||
| "image", | ||
| "resize", | ||
| "thumbnail", | ||
| "filter", | ||
| "service", | ||
| "api", | ||
| "library" | ||
| ], | ||
| "author": "Automattic, Inc.", | ||
| "contributors": [ | ||
| "Nathan Rajlich <nathan@automattic.com>" | ||
| ], | ||
| "license": "MIT", | ||
| "bugs": { | ||
| "url": "https://github.com/Automattic/photon.js/issues" | ||
| }, | ||
| "homepage": "https://github.com/Automattic/photon.js", | ||
| "dependencies": { | ||
| "crc32": "0.2.2", | ||
| "debug": "3.1.0", | ||
| "seed-random": "2.2.0" | ||
| }, | ||
| "devDependencies": { | ||
| "browserify": "14.5.0", | ||
| "mocha": "3.5.3" | ||
| } | ||
| "name": "photon", | ||
| "version": "2.1.0", | ||
| "description": "JavaScript library for the WordPress.com Photon image manipulation service", | ||
| "main": "dist/cjs/index.js", | ||
| "module": "dist/esm/index.js", | ||
| "sideEffects": false, | ||
| "repository": { | ||
| "type": "git", | ||
| "url": "git://github.com/Automattic/wp-calypso.git", | ||
| "directory": "packages/photon" | ||
| }, | ||
| "keywords": [ | ||
| "wordpress", | ||
| "photon", | ||
| "image", | ||
| "resize", | ||
| "thumbnail", | ||
| "filter", | ||
| "service", | ||
| "api", | ||
| "library" | ||
| ], | ||
| "author": "Automattic, Inc.", | ||
| "contributors": [ | ||
| "Nathan Rajlich <nathan@automattic.com>" | ||
| ], | ||
| "license": "GPL-2.0-or-later", | ||
| "bugs": { | ||
| "url": "https://github.com/Automattic/wp-calypso/issues" | ||
| }, | ||
| "homepage": "https://github.com/Automattic/wp-calypso", | ||
| "dependencies": { | ||
| "crc32": "0.2.2", | ||
| "debug": "^3.2.6", | ||
| "seed-random": "2.2.0", | ||
| "url": "^0.11.0" | ||
| }, | ||
| "scripts": { | ||
| "clean": "npx rimraf dist", | ||
| "prepublish": "npm run clean", | ||
| "prepare": "transpile" | ||
| }, | ||
| "gitHead": "f7d06c6d5904a74e60654338dffb8de6f1223134" | ||
| } |
New alerts
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Copyleft License
License(Experimental) Copyleft license information was found
Found 1 instance in 1 package
Mixed license
License(Experimental) Package contains multiple licenses.
Found 1 instance in 1 package
Non-permissive License
License(Experimental) A license not known to be considered permissive was found
Found 1 instance in 1 package
Fixed alerts
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
Improved metrics
- Dev dependency count
- decreased by-100%
0
- Number of package files
- increased by11.11%
10
- Number of low supply chain risk alerts
- decreased by-100%
0
Worsened metrics
- Total package byte prevSize
- decreased by-62.23%
33631
- Dependency count
- increased by33.33%
4
- Number of low license alerts
- increased byInfinity%
3
- License quality
- decreased by-30%
70
- Lines of code
- decreased by-83.69%
407
- Number of lines in readme file
- decreased by-50%
36
Dependency changes
+ Addedurl@^0.11.0
+ Addedcall-bind@1.0.7(transitive)
+ Addeddebug@3.2.7(transitive)
+ Addeddefine-data-property@1.1.4(transitive)
+ Addedes-define-property@1.0.0(transitive)
+ Addedes-errors@1.3.0(transitive)
+ Addedfunction-bind@1.1.2(transitive)
+ Addedget-intrinsic@1.2.4(transitive)
+ Addedgopd@1.0.1(transitive)
+ Addedhas-property-descriptors@1.0.2(transitive)
+ Addedhas-proto@1.0.3(transitive)
+ Addedhas-symbols@1.0.3(transitive)
+ Addedhasown@2.0.2(transitive)
+ Addedms@2.1.3(transitive)
+ Addedobject-inspect@1.13.1(transitive)
+ Addedpunycode@1.4.1(transitive)
+ Addedqs@6.12.1(transitive)
+ Addedset-function-length@1.2.2(transitive)
+ Addedside-channel@1.0.6(transitive)
+ Addedurl@0.11.3(transitive)
- Removeddebug@3.1.0(transitive)
- Removedms@2.0.0(transitive)
Updateddebug@^3.2.6