read-package-json
Advanced tools
read-package-json - npm Package Compare versions
Comparing version 1.3.3 to 2.0.0
| { | ||
| "name": "read-package-json", | ||
| "version": "1.3.3", | ||
| "version": "2.0.0", | ||
| "author": "Isaac Z. Schlueter <i@izs.me> (http://blog.izs.me/)", | ||
@@ -17,3 +17,3 @@ "description": "The thing npm uses to read package.json files with semantics and defaults and validation", | ||
| "json-parse-helpfulerror": "^1.0.2", | ||
| "normalize-package-data": "^1.0.0" | ||
| "normalize-package-data": "^2.0.0" | ||
| }, | ||
@@ -20,0 +20,0 @@ "devDependencies": { |
@@ -34,3 +34,3 @@ var path = require('path') | ||
| devDependencies: { tap: '~0.2.5' }, | ||
| homepage: 'https://github.com/isaacs/read-package-json', | ||
| homepage: 'https://github.com/isaacs/read-package-json#readme', | ||
| optionalDependencies: { npmlog: '0', 'graceful-fs': '~1.1.8' }, | ||
@@ -37,0 +37,0 @@ _id: 'read-package-json@0.1.1', |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.03%
23431
Worsened metrics
- Number of medium supply chain risk alerts
- increased byInfinity%
1
Dependency changes
+ Addedfunction-bind@1.1.2(transitive)
+ Addedhasown@2.0.2(transitive)
+ Addedhosted-git-info@2.8.9(transitive)
+ Addedis-core-module@2.15.1(transitive)
+ Addednormalize-package-data@2.5.0(transitive)
+ Addedpath-parse@1.0.7(transitive)
+ Addedresolve@1.22.8(transitive)
+ Addedsemver@5.7.2(transitive)
+ Addedspdx-correct@3.2.0(transitive)
+ Addedspdx-exceptions@2.5.0(transitive)
+ Addedspdx-expression-parse@3.0.1(transitive)
+ Addedspdx-license-ids@3.0.20(transitive)
+ Addedsupports-preserve-symlinks-flag@1.0.0(transitive)
+ Addedvalidate-npm-package-license@3.0.4(transitive)
- Removedgithub-url-from-git@1.5.0(transitive)
- Removedgithub-url-from-username-repo@1.0.2(transitive)
- Removednormalize-package-data@1.0.3(transitive)
- Removedsemver@4.3.6(transitive)