shoes - npm Package Compare versions
+4
-4
| { "name" : "shoes", | ||
| "version" : "0.6.0", | ||
| "version" : "0.7.0", | ||
| "homepage": "http://github.com/sydneystockholm/shoes", | ||
@@ -11,5 +11,5 @@ "main" : "index.js", | ||
| "dependencies": { | ||
| "express": ">= 3.4.2", | ||
| "nunjucks": "0.1.10", | ||
| "less": ">= 1.4.2", | ||
| "express": "~ 3", | ||
| "nunjucks": "~ 1", | ||
| "less": "~ 1.5", | ||
| "uglify-js": "~ 2", | ||
@@ -16,0 +16,0 @@ "mkdirp": "*", |
+2
-2
@@ -77,3 +77,3 @@ var assert = require('assert') | ||
| assert(!err, err); | ||
| assert.equal(body, 'p{color:#00f}\nbody{color:#f00}\n'); | ||
| assert.equal(body, 'p{color:#00f}body{color:#f00}'); | ||
| close(url); | ||
@@ -301,3 +301,3 @@ (fs.exists || path.exists)(__dirname + '/data/srv3/compiled/css/style.css', function (exists) { | ||
| assert.equal(res.statusCode, 200); | ||
| assert.equal(body, 'body{color:#f00}\na{color:#008000}\n'); | ||
| assert.equal(body, 'body{color:#f00}a{color:#008000}'); | ||
| close(url); | ||
@@ -304,0 +304,0 @@ done(); |
New alerts
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
Fixed alerts
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
Worsened metrics
- Total package byte prevSize
46595
-0.04%Dependency changes
+ Added
accepts@1.2.131.3.8(transitive)+ Added
ajv@6.14.0(transitive)+ Added
amdefine@1.0.1(transitive)+ Added
asn1@0.2.6(transitive)+ Added
assert-plus@1.0.0(transitive)+ Added
async-each@0.1.6(transitive)+ Added
asynckit@0.4.0(transitive)+ Added
aws-sign2@0.7.0(transitive)+ Added
aws4@1.13.2(transitive)+ Added
base64-url@1.2.1(transitive)+ Added
basic-auth@1.0.4(transitive)+ Added
basic-auth-connect@1.0.0(transitive)+ Added
batch@0.5.3(transitive)+ Added
bcrypt-pbkdf@1.0.2(transitive)+ Added
body-parser@1.13.3(transitive)+ Added
bytes@2.1.02.4.0(transitive)+ Added
caseless@0.12.0(transitive)+ Added
chokidar@0.12.6(transitive)+ Added
clean-css@2.0.8(transitive)+ Added
combined-stream@1.0.8(transitive)+ Added
commander@2.0.02.6.0(transitive)+ Added
compressible@2.0.18(transitive)+ Added
compression@1.5.2(transitive)+ Added
connect@2.30.2(transitive)+ Added
connect-timeout@1.6.2(transitive)+ Added
content-disposition@0.5.0(transitive)+ Added
cookie@0.1.3(transitive)+ Added
cookie-parser@1.3.5(transitive)+ Added
cookie-signature@1.0.6(transitive)+ Added
core-util-is@1.0.21.0.3(transitive)+ Added
crc@3.3.0(transitive)+ Added
csrf@3.0.6(transitive)+ Added
csurf@1.8.3(transitive)+ Added
dashdash@1.14.1(transitive)+ Added
debug@2.2.02.6.9(transitive)+ Added
delayed-stream@1.0.0(transitive)+ Added
depd@1.0.11.1.2(transitive)+ Added
destroy@1.0.31.0.4(transitive)+ Added
ecc-jsbn@0.1.2(transitive)+ Added
errorhandler@1.4.3(transitive)+ Added
escape-html@1.0.2(transitive)+ Added
etag@1.7.0(transitive)+ Added
express@3.21.2(transitive)+ Added
express-session@1.11.3(transitive)+ Added
extend@3.0.2(transitive)+ Added
extsprintf@1.3.0(transitive)+ Added
fast-deep-equal@3.1.3(transitive)+ Added
fast-json-stable-stringify@2.1.0(transitive)+ Added
finalhandler@0.4.0(transitive)+ Added
forever-agent@0.6.1(transitive)+ Added
form-data@2.3.3(transitive)+ Added
forwarded@0.1.2(transitive)+ Added
fresh@0.3.0(transitive)+ Added
fsevents@0.3.8(transitive)+ Added
getpass@0.1.7(transitive)+ Added
graceful-fs@2.0.3(transitive)+ Added
har-schema@2.0.0(transitive)+ Added
har-validator@5.1.5(transitive)+ Added
http-errors@1.3.1(transitive)+ Added
http-signature@1.2.0(transitive)+ Added
iconv-lite@0.4.110.4.13(transitive)+ Added
ipaddr.js@1.0.5(transitive)+ Added
is-typedarray@1.0.0(transitive)+ Added
isarray@0.0.1(transitive)+ Added
isstream@0.1.2(transitive)+ Added
jsbn@0.1.1(transitive)+ Added
json-schema@0.4.0(transitive)+ Added
json-schema-traverse@0.4.1(transitive)+ Added
json-stringify-safe@5.0.1(transitive)+ Added
jsprim@1.4.2(transitive)+ Added
less@1.5.1(transitive)+ Added
lru-cache@2.7.3(transitive)+ Added
media-typer@0.3.0(transitive)+ Added
merge-descriptors@1.0.0(transitive)+ Added
method-override@2.3.10(transitive)+ Added
methods@1.1.2(transitive)+ Added
mime@1.2.111.3.4(transitive)+ Added
mime-db@1.52.0(transitive)+ Added
mime-types@2.1.35(transitive)+ Added
minimatch@0.2.14(transitive)+ Added
minimist@0.0.8(transitive)+ Added
mkdirp@0.3.50.5.1(transitive)+ Added
morgan@1.6.1(transitive)+ Added
ms@0.7.10.7.22.0.0(transitive)+ Added
multiparty@3.3.2(transitive)+ Added
nan@2.26.2(transitive)+ Added
negotiator@0.5.30.6.3(transitive)+ Added
nunjucks@1.3.4(transitive)+ Added
oauth-sign@0.9.0(transitive)+ Added
on-finished@2.3.0(transitive)+ Added
on-headers@1.0.21.1.0(transitive)+ Added
optimist@0.6.1(transitive)+ Added
pause@0.1.0(transitive)+ Added
performance-now@2.1.0(transitive)+ Added
proxy-addr@1.0.10(transitive)+ Added
psl@1.15.0(transitive)+ Added
punycode@2.3.1(transitive)+ Added
qs@4.0.06.5.5(transitive)+ Added
random-bytes@1.0.0(transitive)+ Added
range-parser@1.0.3(transitive)+ Added
raw-body@2.1.7(transitive)+ Added
readable-stream@1.0.341.1.14(transitive)+ Added
readdirp@1.3.0(transitive)+ Added
request@2.88.2(transitive)+ Added
response-time@2.3.4(transitive)+ Added
rndm@1.2.0(transitive)+ Added
safe-buffer@5.2.1(transitive)+ Added
send@0.13.00.13.2(transitive)+ Added
serve-favicon@2.3.2(transitive)+ Added
serve-index@1.7.3(transitive)+ Added
serve-static@1.10.3(transitive)+ Added
sigmund@1.0.1(transitive)+ Added
source-map@0.1.43(transitive)+ Added
sshpk@1.18.0(transitive)+ Added
statuses@1.2.11.5.0(transitive)+ Added
stream-counter@0.2.0(transitive)+ Added
string_decoder@0.10.31(transitive)+ Added
tough-cookie@2.5.0(transitive)+ Added
tsscmp@1.0.5(transitive)+ Added
tunnel-agent@0.6.0(transitive)+ Added
tweetnacl@0.14.5(transitive)+ Added
type-is@1.6.18(transitive)+ Added
uid-safe@2.0.02.1.4(transitive)+ Added
uri-js@4.4.1(transitive)+ Added
utils-merge@1.0.0(transitive)+ Added
uuid@3.4.0(transitive)+ Added
vary@1.0.1(transitive)+ Added
verror@1.10.0(transitive)+ Added
vhost@3.0.2(transitive)+ Added
wordwrap@0.0.3(transitive)- Removed
accepts@2.0.0(transitive)- Removed
async-function@1.0.0(transitive)- Removed
async-generator-function@1.0.0(transitive)- Removed
body-parser@2.2.2(transitive)- Removed
bytes@3.1.2(transitive)- Removed
call-bind-apply-helpers@1.0.2(transitive)- Removed
call-bound@1.0.4(transitive)- Removed
content-disposition@1.0.1(transitive)- Removed
cookie@0.7.2(transitive)- Removed
cookie-signature@1.2.2(transitive)- Removed
copy-anything@3.0.5(transitive)- Removed
debug@4.4.3(transitive)- Removed
dunder-proto@1.0.1(transitive)- Removed
encodeurl@2.0.0(transitive)- Removed
errno@0.1.8(transitive)- Removed
es-define-property@1.0.1(transitive)- Removed
es-errors@1.3.0(transitive)- Removed
es-object-atoms@1.1.1(transitive)- Removed
etag@1.8.1(transitive)- Removed
express@5.2.1(transitive)- Removed
finalhandler@2.1.1(transitive)- Removed
forwarded@0.2.0(transitive)- Removed
fresh@2.0.0(transitive)- Removed
function-bind@1.1.2(transitive)- Removed
generator-function@2.0.1(transitive)- Removed
get-intrinsic@1.3.1(transitive)- Removed
get-proto@1.0.1(transitive)- Removed
gopd@1.2.0(transitive)- Removed
graceful-fs@4.2.11(transitive)- Removed
has-symbols@1.1.0(transitive)- Removed
hasown@2.0.2(transitive)- Removed
http-errors@2.0.1(transitive)- Removed
iconv-lite@0.6.30.7.2(transitive)- Removed
image-size@0.5.5(transitive)- Removed
ipaddr.js@1.9.1(transitive)- Removed
is-promise@4.0.0(transitive)- Removed
is-what@4.1.16(transitive)- Removed
less@4.6.4(transitive)- Removed
make-dir@2.1.0(transitive)- Removed
math-intrinsics@1.1.0(transitive)- Removed
media-typer@1.1.0(transitive)- Removed
merge-descriptors@2.0.0(transitive)- Removed
mime@1.6.0(transitive)- Removed
mime-types@3.0.2(transitive)- Removed
ms@2.1.3(transitive)- Removed
needle@3.5.0(transitive)- Removed
negotiator@1.0.0(transitive)- Removed
nunjucks@0.1.10(transitive)- Removed
object-inspect@1.13.4(transitive)- Removed
on-finished@2.4.1(transitive)- Removed
once@1.4.0(transitive)- Removed
parse-node-version@1.0.1(transitive)- Removed
path-to-regexp@8.3.0(transitive)- Removed
pify@4.0.1(transitive)- Removed
proxy-addr@2.0.7(transitive)- Removed
prr@1.0.1(transitive)- Removed
qs@6.15.0(transitive)- Removed
range-parser@1.2.1(transitive)- Removed
raw-body@3.0.2(transitive)- Removed
router@2.2.0(transitive)- Removed
sax@1.6.0(transitive)- Removed
semver@5.7.2(transitive)- Removed
send@1.2.1(transitive)- Removed
serve-static@2.2.1(transitive)- Removed
setprototypeof@1.2.0(transitive)- Removed
side-channel@1.1.0(transitive)- Removed
side-channel-list@1.0.0(transitive)- Removed
side-channel-map@1.0.1(transitive)- Removed
side-channel-weakmap@1.0.2(transitive)- Removed
source-map@0.6.1(transitive)- Removed
statuses@2.0.2(transitive)- Removed
toidentifier@1.0.1(transitive)- Removed
type-is@2.0.1(transitive)- Removed
wrappy@1.0.2(transitive)Updated
express@~ 3Updated
less@~ 1.5Updated
nunjucks@~ 1