poi-plugin-akashic-records - npm Package Compare versions

Comparing version 2.0.1 to 2.1.0-beta.4

package.json

 {
   "name": "poi-plugin-akashic-records",
-  "version": "2.0.1",
+  "version": "2.1.0-beta.4",
   "description": "logbook plugin for poi",
   "main": "index.js",
   "scripts": {
+    "win-publish": "cjsx -cb . && coffee -cb . && del /s \"*.coffee\" && del /s \"*.cjsx\" && npm publish",
+    "win-prerelease": "cjsx -cb . && coffee -cb . && del /s \"*.coffee\" && del /s \"*.cjsx\" && npm publish --tag beta",
+    "compile": "cjsx -cb . && coffee -cb .",
     "test": "echo \"Error: no test specified\" && exit 1"
@@ -8,0 +11,0 @@ },

New alerts

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

2512328

increased by0.68%

Lines of code

58832

increased by8.4%

Worsened metrics

Number of package files

42

decreased by-2.33%

Number of low quality alerts

2

increased by100%

Number of low supply chain risk alerts

30

increased by1400%

No dependency changes