sort-package-json
Advanced tools
sort-package-json - npm Package Compare versions
+4
-4
@@ -13,5 +13,5 @@ /* eslint-disable @typescript-eslint/no-explicit-any */ | ||
| * | ||
| * @param packageJson - A packageJson | ||
| * @param options - An options object | ||
| * @returns Sorted packageJson object | ||
| * @param packageJson - A packageJson. | ||
| * @param options - An options object. | ||
| * @returns Sorted packageJson object. | ||
| */ | ||
@@ -24,3 +24,3 @@ <T extends Record<any, any>>(packageJson: T, options?: Options): T | ||
| * @param packageJson - A packageJson string. | ||
| * @param options - An options object | ||
| * @param options - An options object. | ||
| * @returns Sorted packageJson string. | ||
@@ -27,0 +27,0 @@ */ |
+7
-5
| { | ||
| "name": "sort-package-json", | ||
| "version": "3.3.0", | ||
| "version": "3.3.1", | ||
| "description": "Sort an Object or package.json based on the well-known package.json keys", | ||
@@ -49,4 +49,4 @@ "keywords": [ | ||
| "semantic-release": "semantic-release", | ||
| "test": "ava && dtslint --localTs node_modules/typescript/lib", | ||
| "test-coverage": "c8 ava", | ||
| "test": "ava && tstyche", | ||
| "test-coverage": "c8 npm run test", | ||
| "update-snapshots": "ava --update-snapshots" | ||
@@ -93,3 +93,2 @@ }, | ||
| "dot-prop": "^9.0.0", | ||
| "dtslint": "^4.2.1", | ||
| "esbuild": "^0.25.0", | ||
@@ -106,4 +105,7 @@ "eslint": "^9.21.0", | ||
| "tempy": "^3.1.0", | ||
| "typescript": "^5.8.2" | ||
| "tstyche": "^4.0.0" | ||
| }, | ||
| "engines": { | ||
| "node": ">=20" | ||
| } | ||
| } |
New alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Fixed alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Improved metrics
- Dev dependency count
18
-5.26%- Number of low supply chain risk alerts
4
-33.33%Worsened metrics
- Total package byte prevSize
118381
-0.01%