r2-utils-js - npm Package Compare versions

Comparing version 1.0.0-alpha.4 to 1.0.0-alpha.5

CHANGELOG.md

@@ -7,4 +7,22 @@ # Next
 Git diff:
-* https://github.com/readium/r2-utils-js/compare/v1.0.0-alpha.4...develop
+* https://github.com/readium/r2-utils-js/compare/v1.0.0-alpha.5...develop
 
+# 1.0.0-alpha.5
+
+Changes:
+* Fixed TypeScript regression bug (3.0.3 -> 3.1.1) related to XML / HTML DOM typings
+* Removed TypeScript linter warning message (checks for no unused variables)
+* NPM updates related to the Node TypeScript typings
+* Dependency "ta-json" updates, and NPM integration GitHub semver reference
+
+Git revision info:
+* https://unpkg.com/r2-utils-js@1.0.0-alpha.5/dist/gitrev.json
+* https://github.com/edrlab/r2-utils-js-dist/blob/v1.0.0-alpha.5/dist/gitrev.json
+
+Git commit history:
+* https://github.com/readium/r2-utils-js/commits/v1.0.0-alpha.5
+
+Git diff:
+* https://github.com/readium/r2-utils-js/compare/v1.0.0-alpha.4...v1.0.0-alpha.5
+
 # 1.0.0-alpha.4
@@ -11,0 +29,0 @@

dist/gitrev.json

 {
-  "short": "c0850b5",
-  "long": "c0850b5c5e06a48b7a559085c16d7f632b074cc5",
+  "short": "0c0714e",
+  "long": "0c0714e99d89bb225f0af4d43dc07d518115d0af",
   "branch": "develop",
-  "date": "2018-09-19T10:55:27.000Z",
+  "date": "2018-10-02T13:57:00.000Z",
   "dirty": true,
-  "urlHistory": "https://github.com/readium/r2-utils-js/commits/c0850b5c5e06a48b7a559085c16d7f632b074cc5",
-  "urlDiff": "https://github.com/readium/r2-utils-js/compare/c0850b5c5e06a48b7a559085c16d7f632b074cc5...develop"
+  "urlHistory": "https://github.com/readium/r2-utils-js/commits/0c0714e99d89bb225f0af4d43dc07d518115d0af",
+  "urlDiff": "https://github.com/readium/r2-utils-js/compare/0c0714e99d89bb225f0af4d43dc07d518115d0af...develop"
 }

package.json

 {
   "name": "r2-utils-js",
-  "version": "1.0.0-alpha.4",
+  "version": "1.0.0-alpha.5",
   "description": "Readium 2 'utils' for NodeJS (TypeScript)",
@@ -55,3 +55,3 @@ "keywords": [
     "request-promise-native": "^1.0.5",
-    "ta-json": "github:danielweck/ta-json#dist",
+    "ta-json": "git://github.com/danielweck/ta-json.git#semver:^2.5.0",
     "tslib": "^1.9.3",
@@ -65,3 +65,3 @@ "unzipper": "^0.9.3",
     "@types/debug": "^0.0.30",
-    "@types/node": "8.*.*",
+    "@types/node": "^8.10.32",
     "@types/request": "^2.47.1",
@@ -79,3 +79,3 @@ "@types/request-promise-native": "^1.0.15",
     "tslint-language-service": "^0.9.9",
-    "typescript": "^3.0.3"
+    "typescript": "^3.1.1"
   },
@@ -82,0 +82,0 @@ "main": "dist/es6-es2015/src/_utils/perf-cli.js",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Git dependency

Supply chain risk

Contains a dependency which resolves to a remote git URL. Dependencies fetched from git URLs are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

GitHub dependency

Supply chain risk

Contains a dependency which resolves to a GitHub URL. Dependencies fetched from GitHub specifiers are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.

Found 1 instance in 1 package

Native code

Supply chain risk

Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.

Found 1 instance in 1 package

Improved metrics

Number of medium supply chain risk alerts

0

decreased by-100%

Worsened metrics

Total package byte prevSize

1086534

decreased by-0.49%

Number of package files

546

decreased by-0.18%

Dependency changes

• Updatedta-json@git://github.com/danielweck/ta-json.git#semver:^2.5.0