saml2-js - npm Package Compare versions

Comparing version 2.0.8 to 2.0.9

index.js

@@ -1,2 +0,1 @@
-var path = require('path').join(__dirname, (process.env.TEST_COV_SAML2 ? 'lib-js-cov' : 'lib-js'), 'saml2');
-module.exports = require(path);
+module.exports = require('./lib-js/saml2');

package.json

 {
   "name": "saml2-js",
-  "version": "2.0.8",
+  "version": "2.0.9",
   "description": "SAML 2.0 node helpers",
@@ -11,4 +11,6 @@ "author": "Clever",
   "scripts": {
-    "test": "make -Br test",
-    "test-cov": "make -Br test-cov"
+    "build": "coffee --bare -c -o lib-js lib",
+    "test": "NODE_ENV=test mocha --require coffee-script/register test/*.coffee",
+    "test-cov": "NODE_ENV=test nyc --extension .coffee -r html -r text mocha --require coffee-script/register test/*.coffee",
+    "prepare": "npm run build"
   },
@@ -28,4 +30,4 @@ "repository": {
     "coffee-script": "^1.12.0",
-    "jscoverage": "^0.6.0",
-    "mocha": "^8.2.0"
+    "mocha": "^8.2.0",
+    "nyc": "^15.0.0"
   },
@@ -32,0 +34,0 @@ "dependencies": {

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Improved metrics

Number of low supply chain risk alerts

1

decreased by-66.67%

Worsened metrics

Total package byte prevSize

235129

decreased by-0.26%

Number of package files

48

decreased by-2.04%

Lines of code

935

decreased by-0.11%

No dependency changes