protobuf.js - npm Package Compare versions

Comparing version 0.0.17 to 0.0.18

index.js

@@ -141,3 +141,3 @@ var fs = require('fs'),
             if (schema[key].type === 0) {
-                varint = butils.readVarint(buffer, pos + 1);
+                varint = butils.readVarint(buffer, pos + 1, schema[key].raw_type === 'sint32' || schema[key].raw_type === 'sint64');
                 len = varint.bytes + 1;
@@ -215,3 +215,3 @@ val = varint.num;
                 bytes.push((schema[key].field << 3) + schema[key].type);
-                butils.writeVarint(bytes, params[key], bytes.length);
+                butils.writeVarint(bytes, params[key], bytes.length, schema[key].raw_type === 'sint32' || schema[key].raw_type == 'sint64');
             }
@@ -218,0 +218,0 @@ }

package.json

 {
   "name": "protobuf.js",
-  "version": "0.0.17",
+  "version": "0.0.18",
   "description": "a pure javascript protocol buffer encoding implementation, written specifically for riak",
   "main": "index.js",
   "dependencies": {
-    "butils": "",
+    "butils": "0.0.5",
     "wtf8": "https://github.com/lautis/wtf8/tarball/master"
@@ -9,0 +9,0 @@ },

New alerts

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Fixed alerts

Wildcard dependency

Quality

Package has a dependency with a floating version range. This can cause issues if the dependency publishes a new major version.

Found 1 instance in 1 package

Improved metrics

Number of medium quality alerts

0

decreased by-100%

Worsened metrics

Total package byte prevSize

11019

decreased by-36.41%

Number of package files

6

decreased by-25%

Number of medium supply chain risk alerts

1

increased byInfinity%

Dependency changes

• + Addedbutils@0.0.5(transitive)

• - Removedbutils@0.1.0(transitive)

• Updatedbutils@0.0.5