Comparing version 2.2.0 to 2.2.1
{ | ||
"name": "sigstore", | ||
"version": "2.2.0", | ||
"version": "2.2.1", | ||
"description": "code-signing for npm packages", | ||
@@ -32,3 +32,3 @@ "main": "dist/index.js", | ||
"@sigstore/jest": "^0.0.0", | ||
"@sigstore/mock": "^0.6.3", | ||
"@sigstore/mock": "^0.6.4", | ||
"@tufjs/repo-mock": "^2.0.0", | ||
@@ -39,7 +39,7 @@ "@types/make-fetch-happen": "^10.0.4" | ||
"@sigstore/bundle": "^2.1.1", | ||
"@sigstore/core": "^0.2.0", | ||
"@sigstore/core": "^1.0.0", | ||
"@sigstore/protobuf-specs": "^0.2.1", | ||
"@sigstore/sign": "^2.2.1", | ||
"@sigstore/sign": "^2.2.2", | ||
"@sigstore/tuf": "^2.3.0", | ||
"@sigstore/verify": "^0.1.0" | ||
"@sigstore/verify": "^1.0.0" | ||
}, | ||
@@ -46,0 +46,0 @@ "engines": { |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
0
+ Added@sigstore/verify@1.2.1(transitive)
- Removed@sigstore/core@0.2.0(transitive)
- Removed@sigstore/verify@0.1.0(transitive)
Updated@sigstore/core@^1.0.0
Updated@sigstore/sign@^2.2.2
Updated@sigstore/verify@^1.0.0