snyk-try-require - npm Package Compare versions

Comparing version 1.1.1 to 1.2.0

lib/try-require.js

@@ -25,3 +25,8 @@ module.exports = tryRequire;
   return fs.readFile(filename, 'utf8')
-    .then(JSON.parse)
+    .then(function (pkgStr) {
+      var pkg = JSON.parse(pkgStr);
+      pkg.leading = pkgStr.match(/^(\s*){/)[1];
+      pkg.trailing = pkgStr.match(/}(\s*)$/)[1];
+      return pkg;
+    })
     .catch(function (e) {
@@ -91,2 +96,2 @@ debug('tryRequire silently failing on %s', e.message);
     .catch(console.log);
-}
+}

package.json

@@ -38,3 +38,3 @@ {
   },
-  "version": "1.1.1"
+  "version": "1.2.0"
 }

README.md

@@ -14,2 +14,3 @@ # Snyk's (try) require
 - If a Snyk policy is present, will add the path of the policy to the `snyk` property
-- If the package uses `npm-shrinkwrap.json` will include a `shrinkwrap` boolean property
+- If the package uses `npm-shrinkwrap.json` will include a `shrinkwrap` boolean property
+- Returns the `leading` and `trailing` whitespace of the original `package.json` file as a `leading` and `trailing` property respectively

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

27996

increased by2.9%

Lines of code

82

increased by7.89%

Number of lines in readme file

16

increased by14.29%

Worsened metrics

Number of medium supply chain risk alerts

1

increased byInfinity%

No dependency changes