prettier - npm Package Compare versions

Comparing version 2.8.7 to 3.1.1

package.json

 {
   "name": "prettier",
-  "version": "2.8.7",
+  "version": "3.1.1",
   "description": "Prettier is an opinionated code formatter",
-  "bin": "./bin-prettier.js",
+  "bin": "./bin/prettier.cjs",
   "repository": "prettier/prettier",
@@ -11,12 +11,189 @@ "funding": "https://github.com/prettier/prettier?sponsor=1",
   "license": "MIT",
-  "main": "./index.js",
+  "main": "./index.cjs",
   "browser": "./standalone.js",
   "unpkg": "./standalone.js",
+  "exports": {
+    ".": {
+      "types": "./index.d.ts",
+      "require": "./index.cjs",
+      "browser": {
+        "import": "./standalone.mjs",
+        "default": "./standalone.js"
+      },
+      "default": "./index.mjs"
+    },
+    "./*": "./*",
+    "./doc": {
+      "types": "./doc.d.ts",
+      "require": "./doc.js",
+      "default": "./doc.mjs"
+    },
+    "./standalone": {
+      "types": "./standalone.d.ts",
+      "require": "./standalone.js",
+      "default": "./standalone.mjs"
+    },
+    "./plugins/estree": {
+      "types": "./plugins/estree.d.ts",
+      "require": "./plugins/estree.js",
+      "default": "./plugins/estree.mjs"
+    },
+    "./plugins/babel": {
+      "types": "./plugins/babel.d.ts",
+      "require": "./plugins/babel.js",
+      "default": "./plugins/babel.mjs"
+    },
+    "./plugins/flow": {
+      "types": "./plugins/flow.d.ts",
+      "require": "./plugins/flow.js",
+      "default": "./plugins/flow.mjs"
+    },
+    "./plugins/typescript": {
+      "types": "./plugins/typescript.d.ts",
+      "require": "./plugins/typescript.js",
+      "default": "./plugins/typescript.mjs"
+    },
+    "./plugins/acorn": {
+      "types": "./plugins/acorn.d.ts",
+      "require": "./plugins/acorn.js",
+      "default": "./plugins/acorn.mjs"
+    },
+    "./plugins/meriyah": {
+      "types": "./plugins/meriyah.d.ts",
+      "require": "./plugins/meriyah.js",
+      "default": "./plugins/meriyah.mjs"
+    },
+    "./plugins/angular": {
+      "types": "./plugins/angular.d.ts",
+      "require": "./plugins/angular.js",
+      "default": "./plugins/angular.mjs"
+    },
+    "./plugins/postcss": {
+      "types": "./plugins/postcss.d.ts",
+      "require": "./plugins/postcss.js",
+      "default": "./plugins/postcss.mjs"
+    },
+    "./plugins/graphql": {
+      "types": "./plugins/graphql.d.ts",
+      "require": "./plugins/graphql.js",
+      "default": "./plugins/graphql.mjs"
+    },
+    "./plugins/markdown": {
+      "types": "./plugins/markdown.d.ts",
+      "require": "./plugins/markdown.js",
+      "default": "./plugins/markdown.mjs"
+    },
+    "./plugins/glimmer": {
+      "types": "./plugins/glimmer.d.ts",
+      "require": "./plugins/glimmer.js",
+      "default": "./plugins/glimmer.mjs"
+    },
+    "./plugins/html": {
+      "types": "./plugins/html.d.ts",
+      "require": "./plugins/html.js",
+      "default": "./plugins/html.mjs"
+    },
+    "./plugins/yaml": {
+      "types": "./plugins/yaml.d.ts",
+      "require": "./plugins/yaml.js",
+      "default": "./plugins/yaml.mjs"
+    },
+    "./esm/standalone.mjs": "./standalone.mjs",
+    "./parser-babel": "./plugins/babel.js",
+    "./parser-babel.js": "./plugins/babel.js",
+    "./esm/parser-babel.mjs": "./plugins/babel.mjs",
+    "./parser-flow": "./plugins/flow.js",
+    "./parser-flow.js": "./plugins/flow.js",
+    "./esm/parser-flow.mjs": "./plugins/flow.mjs",
+    "./parser-typescript": "./plugins/typescript.js",
+    "./parser-typescript.js": "./plugins/typescript.js",
+    "./esm/parser-typescript.mjs": "./plugins/typescript.mjs",
+    "./parser-espree": "./plugins/acorn.js",
+    "./parser-espree.js": "./plugins/acorn.js",
+    "./esm/parser-espree.mjs": "./plugins/acorn.mjs",
+    "./parser-meriyah": "./plugins/meriyah.js",
+    "./parser-meriyah.js": "./plugins/meriyah.js",
+    "./esm/parser-meriyah.mjs": "./plugins/meriyah.mjs",
+    "./parser-angular": "./plugins/angular.js",
+    "./parser-angular.js": "./plugins/angular.js",
+    "./esm/parser-angular.mjs": "./plugins/angular.mjs",
+    "./parser-postcss": "./plugins/postcss.js",
+    "./parser-postcss.js": "./plugins/postcss.js",
+    "./esm/parser-postcss.mjs": "./plugins/postcss.mjs",
+    "./parser-graphql": "./plugins/graphql.js",
+    "./parser-graphql.js": "./plugins/graphql.js",
+    "./esm/parser-graphql.mjs": "./plugins/graphql.mjs",
+    "./parser-markdown": "./plugins/markdown.js",
+    "./parser-markdown.js": "./plugins/markdown.js",
+    "./esm/parser-markdown.mjs": "./plugins/markdown.mjs",
+    "./parser-glimmer": "./plugins/glimmer.js",
+    "./parser-glimmer.js": "./plugins/glimmer.js",
+    "./esm/parser-glimmer.mjs": "./plugins/glimmer.mjs",
+    "./parser-html": "./plugins/html.js",
+    "./parser-html.js": "./plugins/html.js",
+    "./esm/parser-html.mjs": "./plugins/html.mjs",
+    "./parser-yaml": "./plugins/yaml.js",
+    "./parser-yaml.js": "./plugins/yaml.js",
+    "./esm/parser-yaml.mjs": "./plugins/yaml.mjs"
+  },
   "engines": {
-    "node": ">=10.13.0"
+    "node": ">=14"
   },
   "files": [
-    "*.js",
-    "esm/*.mjs"
-  ]
+    "LICENSE",
+    "README.md",
+    "bin/prettier.cjs",
+    "doc.d.ts",
+    "doc.js",
+    "doc.mjs",
+    "index.cjs",
+    "index.d.ts",
+    "index.d.ts",
+    "index.mjs",
+    "internal/cli.mjs",
+    "package.json",
+    "plugins/acorn.d.ts",
+    "plugins/acorn.js",
+    "plugins/acorn.mjs",
+    "plugins/angular.d.ts",
+    "plugins/angular.js",
+    "plugins/angular.mjs",
+    "plugins/babel.d.ts",
+    "plugins/babel.js",
+    "plugins/babel.mjs",
+    "plugins/estree.d.ts",
+    "plugins/estree.js",
+    "plugins/estree.mjs",
+    "plugins/flow.d.ts",
+    "plugins/flow.js",
+    "plugins/flow.mjs",
+    "plugins/glimmer.d.ts",
+    "plugins/glimmer.js",
+    "plugins/glimmer.mjs",
+    "plugins/graphql.d.ts",
+    "plugins/graphql.js",
+    "plugins/graphql.mjs",
+    "plugins/html.d.ts",
+    "plugins/html.js",
+    "plugins/html.mjs",
+    "plugins/markdown.d.ts",
+    "plugins/markdown.js",
+    "plugins/markdown.mjs",
+    "plugins/meriyah.d.ts",
+    "plugins/meriyah.js",
+    "plugins/meriyah.mjs",
+    "plugins/postcss.d.ts",
+    "plugins/postcss.js",
+    "plugins/postcss.mjs",
+    "plugins/typescript.d.ts",
+    "plugins/typescript.js",
+    "plugins/typescript.mjs",
+    "plugins/yaml.d.ts",
+    "plugins/yaml.js",
+    "plugins/yaml.mjs",
+    "standalone.d.ts",
+    "standalone.js",
+    "standalone.mjs"
+  ],
+  "preferUnplugged": true
 }

README.md

@@ -1,2 +0,2 @@
-![Prettier Banner](https://unpkg.com/prettier-logo@1.0.3/images/prettier-banner-light.svg)
+[![Prettier Banner](https://unpkg.com/prettier-logo@1.0.3/images/prettier-banner-light.svg)](https://prettier.io)
 
@@ -58,3 +58,3 @@ <h2 align="center">Opinionated Code Formatter</h2>
   <a href="https://twitter.com/PrettierCode">
-    <img alt="Follow Prettier on Twitter" src="https://img.shields.io/twitter/follow/prettiercode.svg?label=follow+prettier&style=flat-square"></a>
+    <img alt="Follow Prettier on Twitter" src="https://img.shields.io/badge/%40PrettierCode-9f9f9f?style=flat-square&logo=x&labelColor=555"></a>
 </p>
@@ -80,3 +80,3 @@
   IShouldRefactorThis(),
-  isThereSeriouslyAnotherOne()
+  isThereSeriouslyAnotherOne(),
 );
@@ -83,0 +83,0 @@ ```

New alerts

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Debug access

Supply chain risk

Uses debug, reflection and dynamic code execution features.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 6 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

AI-detected potential code anomaly

Supply chain risk

AI has identified unusual behaviors that may pose a security risk.

Found 1 instance in 1 package

High entropy strings

Supply chain risk

Contains high entropy strings. This could be a sign of encrypted data, leaked secrets or obfuscated code.

Found 1 instance in 1 package

Fixed alerts

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

High entropy strings

Supply chain risk

Contains high entropy strings. This could be a sign of encrypted data, leaked secrets or obfuscated code.

Found 1 instance in 1 package

Improved metrics

Number of package files

53

55.88%

Published versions last two months

4

33.33%

Worsened metrics

Total package byte prevSize

8424619

-25.04%

Lines of code

62213

-34.05%

Number of low supply chain risk alerts

44

18.92%

No dependency changes