re2 - npm Package Compare versions

Comparing version 1.13.1 to 1.14.0

package.json

 {
   "name": "re2",
-  "version": "1.13.1",
+  "version": "1.14.0",
   "description": "Bindings for RE2: fast, safe alternative to backtracking regular expression engines.",
@@ -13,10 +13,15 @@ "homepage": "http://github.com/uhop/node-re2",
   "dependencies": {
-    "nan": "^2.14.1"
+    "nan": "^2.14.1",
+    "node-gyp": "^6.1.0"
   },
   "devDependencies": {
-    "heya-unit": "^0.3.0",
-    "node-gyp": "^6.1.0"
+    "@actions/github": "^2.2.0",
+    "heya-unit": "^0.3.0"
   },
   "scripts": {
-    "test": "node tests/tests.js"
+    "test": "node tests/tests.js",
+    "rebuild": "node-gyp rebuild",
+    "create-binary-asset": "node scripts/create-binary-asset.js --artifact build/Release/re2.node",
+    "install": "node scripts/install-from-cache.js --artifact build/Release/re2.node",
+    "verify-build": "node scripts/verify-build.js"
   },
@@ -23,0 +28,0 @@ "github": "http://github.com/uhop/node-re2",

README.md

@@ -331,17 +331,5 @@ # node-re2
 
-## Working on this project
-
-This project uses git submodules, so the correct way to get it is:
-
-    git clone git@github.com:uhop/node-re2.git
-    cd node-re2
-    git submodule update --init --recursive
-
-In order to build it, make sure that you have all necessary `gyp` dependencies
-for your platform, then run:
-
-    npm install
-
 ## Release history
 
+- 1.14.0 *New delivery mechanism for binary artifacts (thx, [Brandon Kobel](https://github.com/kobelb) for the idea and the research) + minor fix to eliminate warnings on Windows.*
 - 1.13.1 *Fix for Windows builds.*
@@ -348,0 +336,0 @@ - 1.13.0 *Got rid of a single static variable to support multithreading.*

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Install scripts

Supply chain risk

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Found 1 instance in 1 package

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 11 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

1261431

increased by1.15%

Number of package files

143

increased by7.52%

Lines of code

1624

increased by15.59%

Worsened metrics

Dependency count

2

increased by100%

Number of lines in readme file

371

decreased by-3.13%

Number of high supply chain risk alerts

1

increased byInfinity%

Number of low supply chain risk alerts

13

increased byInfinity%

Number of medium supply chain risk alerts

467

increased by0.43%

Dependency changes

• + Addednode-gyp@^6.1.0

• + Addedabbrev@1.1.1(transitive)

• + Addedajv@6.12.6(transitive)

• + Addedansi-regex@2.1.1(transitive)

• + Addedaproba@1.2.0(transitive)

• + Addedare-we-there-yet@1.1.7(transitive)

• + Addedasn1@0.2.6(transitive)

• + Addedassert-plus@1.0.0(transitive)

• + Addedasynckit@0.4.0(transitive)

• + Addedaws-sign2@0.7.0(transitive)

• + Addedaws4@1.13.2(transitive)

• + Addedbalanced-match@1.0.2(transitive)

• + Addedbcrypt-pbkdf@1.0.2(transitive)

• + Addedbrace-expansion@1.1.11(transitive)

• + Addedcaseless@0.12.0(transitive)

• + Addedchownr@1.1.4(transitive)

• + Addedcode-point-at@1.1.0(transitive)

• + Addedcombined-stream@1.0.8(transitive)

• + Addedconcat-map@0.0.1(transitive)

• + Addedconsole-control-strings@1.1.0(transitive)

• + Addedcore-util-is@1.0.21.0.3(transitive)

• + Addeddashdash@1.14.1(transitive)

• + Addeddelayed-stream@1.0.0(transitive)

• + Addeddelegates@1.0.0(transitive)

• + Addedecc-jsbn@0.1.2(transitive)

• + Addedenv-paths@2.2.1(transitive)

• + Addedextend@3.0.2(transitive)

• + Addedextsprintf@1.3.0(transitive)

• + Addedfast-deep-equal@3.1.3(transitive)

• + Addedfast-json-stable-stringify@2.1.0(transitive)

• + Addedforever-agent@0.6.1(transitive)

• + Addedform-data@2.3.3(transitive)

• + Addedfs-minipass@1.2.7(transitive)

• + Addedfs.realpath@1.0.0(transitive)

• + Addedgauge@2.7.4(transitive)

• + Addedgetpass@0.1.7(transitive)

• + Addedglob@7.2.3(transitive)

• + Addedgraceful-fs@4.2.11(transitive)

• + Addedhar-schema@2.0.0(transitive)

• + Addedhar-validator@5.1.5(transitive)

• + Addedhas-unicode@2.0.1(transitive)

• + Addedhttp-signature@1.2.0(transitive)

• + Addedinflight@1.0.6(transitive)

• + Addedinherits@2.0.4(transitive)

• + Addedis-fullwidth-code-point@1.0.0(transitive)

• + Addedis-typedarray@1.0.0(transitive)

• + Addedisarray@1.0.0(transitive)

• + Addedisexe@2.0.0(transitive)

• + Addedisstream@0.1.2(transitive)

• + Addedjsbn@0.1.1(transitive)

• + Addedjson-schema@0.4.0(transitive)

• + Addedjson-schema-traverse@0.4.1(transitive)

• + Addedjson-stringify-safe@5.0.1(transitive)

• + Addedjsprim@1.4.2(transitive)

• + Addedmime-db@1.52.0(transitive)

• + Addedmime-types@2.1.35(transitive)

• + Addedminimatch@3.1.2(transitive)

• + Addedminimist@1.2.8(transitive)

• + Addedminipass@2.9.0(transitive)

• + Addedminizlib@1.3.3(transitive)

• + Addedmkdirp@0.5.6(transitive)

• + Addednode-gyp@6.1.0(transitive)

• + Addednopt@4.0.3(transitive)

• + Addednpmlog@4.1.2(transitive)

• + Addednumber-is-nan@1.0.1(transitive)

• + Addedoauth-sign@0.9.0(transitive)

• + Addedobject-assign@4.1.1(transitive)

• + Addedonce@1.4.0(transitive)

• + Addedos-homedir@1.0.2(transitive)

• + Addedos-tmpdir@1.0.2(transitive)

• + Addedosenv@0.1.5(transitive)

• + Addedpath-is-absolute@1.0.1(transitive)

• + Addedperformance-now@2.1.0(transitive)

• + Addedprocess-nextick-args@2.0.1(transitive)

• + Addedpsl@1.10.0(transitive)

• + Addedpunycode@2.3.1(transitive)

• + Addedqs@6.5.3(transitive)

• + Addedreadable-stream@2.3.8(transitive)

• + Addedrequest@2.88.2(transitive)

• + Addedrimraf@2.7.1(transitive)

• + Addedsafe-buffer@5.1.25.2.1(transitive)

• + Addedsafer-buffer@2.1.2(transitive)

• + Addedsemver@5.7.2(transitive)

• + Addedset-blocking@2.0.0(transitive)

• + Addedsignal-exit@3.0.7(transitive)

• + Addedsshpk@1.18.0(transitive)

• + Addedstring-width@1.0.2(transitive)

• + Addedstring_decoder@1.1.1(transitive)

• + Addedstrip-ansi@3.0.1(transitive)

• + Addedtar@4.4.19(transitive)

• + Addedtough-cookie@2.5.0(transitive)

• + Addedtunnel-agent@0.6.0(transitive)

• + Addedtweetnacl@0.14.5(transitive)

• + Addeduri-js@4.4.1(transitive)

• + Addedutil-deprecate@1.0.2(transitive)

• + Addeduuid@3.4.0(transitive)

• + Addedverror@1.10.0(transitive)

• + Addedwhich@1.3.1(transitive)

• + Addedwide-align@1.1.5(transitive)

• + Addedwrappy@1.0.2(transitive)

• + Addedyallist@3.1.1(transitive)