rufflib-validate - npm Package Compare versions

Comparing version 1.3.0 to 2.0.0

package.json

 {
     "name": "rufflib-validate",
-    "version": "1.3.0",
+    "version": "2.0.0",
     "description": "A RuffLIB library for succinctly validating JavaScript values.",
-    "main": "docs/dist/rufflib-validate.es.js",
+    "main": "dist/rufflib-validate.es.js",
     "type": "module",
     "scripts": {
-        "build": "rollup -c",
+        "build": "npm run clean && rollup -c && mkdir docs/dist && cp dist/* docs/dist",
+        "clean": "rm -r dist; rm -r docs/dist; rm -r docs/test",
         "test:docs": "node docs/run-nodejs-tests.js # test docs/ using NodeJS",
@@ -33,4 +34,4 @@ "test:src": "node src/run-nodejs-tests.js # test src/ using NodeJS",
         "rollup-plugin-terser": "^7.0.2",
-        "rufflib-expect": "^2.0.1"
+        "rufflib-expect": "^3.0.0"
     }
 }

README.md

@@ -5,3 +5,3 @@ # RuffLIB Validate
 
-▶  __Version:__ 1.3.0  
+▶  __Version:__ 2.0.0  
 ▶&nbsp; __Homepage:__ <https://richplastow.com/rufflib-validate>  
@@ -37,3 +37,3 @@ ▶&nbsp; __NPM:__ <https://www.npmjs.com/package/rufflib-validate>
 
-Build the minified and unminified bundles, using settings in rollup.config.js:  
+Build the minified and unminified bundles in ‘dist/’ and ‘docs/’:  
 `npm run build`
@@ -40,0 +40,0 @@

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Native code

Supply chain risk

Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.

Found 1 instance in 1 package

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 8 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Improved metrics

Number of low supply chain risk alerts

0

decreased by-100%

Number of medium supply chain risk alerts

1

decreased by-66.67%

Worsened metrics

Total package byte prevSize

55048

decreased by-88.12%

Number of package files

6

decreased by-84.21%

Lines of code

871

decreased by-89.75%

No dependency changes