pkgstat-cli - npm Package Compare versions

Comparing version 0.1.5 to 0.1.6

package.json

 {
   "name": "pkgstat-cli",
-  "version": "0.1.5",
+  "version": "0.1.6",
   "description": "CLI tool for searching packages from npm,rubygems & pypi",
@@ -20,3 +20,4 @@ "files": [
     "commander": "^2.9.0",
-    "pkgstat": "^1.1.4"
+    "execa": "^0.9.0",
+    "pkgstat": "^1.2.4"
   },
@@ -23,0 +24,0 @@ "devDependencies": {

pkgstat.js

@@ -28,2 +28,3 @@ #!/usr/bin/env node
               chalk.green('Description ') + chalk.bold(resp.description),
+              chalk.green('Total Downloads in Last 30 Days ' + chalk.bold(resp.totalDownloadsLastMonth || 'NA')),
               chalk.green('URL ') + chalk.bold(resp.url),
@@ -34,2 +35,3 @@ chalk.green('Homepage ') + chalk.bold(resp.source),
             ]
+
             console.log(output.join('\n'))
@@ -36,0 +38,0 @@ }

Fixed alerts

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

5136

increased by2.76%

Lines of code

66

increased by1.54%

Number of medium supply chain risk alerts

0

decreased by-100%

Worsened metrics

Dependency count

4

increased by33.33%

Dependency changes

• + Addedexeca@^0.9.0

• + Addedcross-spawn@5.1.0(transitive)

• + Addedexeca@0.9.0(transitive)

• + Addedisexe@2.0.0(transitive)

• + Addedlru-cache@4.1.5(transitive)

• + Addednpm-run-path@2.0.2(transitive)

• + Addedp-finally@1.0.0(transitive)

• + Addedpath-key@2.0.1(transitive)

• + Addedpseudomap@1.0.2(transitive)

• + Addedshebang-command@1.2.0(transitive)

• + Addedshebang-regex@1.0.0(transitive)

• + Addedsignal-exit@3.0.7(transitive)

• + Addedstrip-eof@1.0.0(transitive)

• + Addedwhich@1.3.1(transitive)

• + Addedyallist@2.1.2(transitive)

• Updatedpkgstat@^1.2.4