skia-canvas
Advanced tools
skia-canvas - npm Package Compare versions
Comparing version 0.9.5 to 0.9.6
| { | ||
| "name": "skia-canvas", | ||
| "version": "0.9.5", | ||
| "version": "0.9.6", | ||
| "description": "A canvas environment for Node", | ||
@@ -12,9 +12,2 @@ "main": "lib/index.js", | ||
| }, | ||
| "files": [ | ||
| "lib", | ||
| "native/build.rs", | ||
| "native/Cargo.*", | ||
| "native/src", | ||
| "native/index.node" | ||
| ], | ||
| "bugs": { | ||
@@ -40,13 +33,4 @@ "url": "https://github.com/samizdatco/skia-canvas/issues" | ||
| "scripts": { | ||
| "install": "node-pre-gyp install --fallback-to-build=false || neon build --release", | ||
| "package": "node-pre-gyp package", | ||
| "upload-binary": "node-pre-gyp package && node-pre-gyp-github publish" | ||
| "install": "neon build --release" | ||
| }, | ||
| "binary": { | ||
| "module_name": "index", | ||
| "host": "https://github.com/samizdatco/skia-canvas/releases/download/", | ||
| "remote_path": "{version}", | ||
| "package_name": "{node_abi}-{platform}-{arch}.tar.gz", | ||
| "module_path": "./native" | ||
| }, | ||
| "dependencies": { | ||
@@ -53,0 +37,0 @@ "glob": "^7.1.6", |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Install scripts
Supply chain riskInstall scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Install scripts
Supply chain riskInstall scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.
Found 1 instance in 1 package
Native code
Supply chain riskContains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.
Found 3 instances in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Improved metrics
- Number of package files
- increased by9.09%
24
- Lines of code
- increased by242.27%
4138
- Number of medium supply chain risk alerts
- decreased by-75%
1
Worsened metrics
- Total package byte prevSize
- decreased by-98.51%
310696
- Number of low supply chain risk alerts
- increased by100%
2