source-code-pro
Advanced tools
source-code-pro - npm Package Compare versions
Comparing version 0.0.0 to 2.30.0
| { | ||
| "name": "source-code-pro", | ||
| "version": "0.0.0", | ||
| "description": "Source Code Pro available for npm usage", | ||
| "main": "dist/source-code-pro.css", | ||
| "scripts": { | ||
| "test": "echo \"Error: no test specified\" && exit 1" | ||
| }, | ||
| "repository": { | ||
| "type": "git", | ||
| "url": "git+https://github.com/basarat/source-code-pro.git" | ||
| }, | ||
| "version": "2.30.0", | ||
| "description": "Source Code Pro is a set of OpenType fonts that have been designed to work well in user interface (UI) environments.", | ||
| "keywords": [ | ||
| "source", | ||
| "font", | ||
| "sourcecodepro" | ||
| "sans-serif", | ||
| "monospace", | ||
| "Adobe", | ||
| "OpenType", | ||
| "otf", | ||
| "ttf", | ||
| "woff", | ||
| "woff2", | ||
| "eot" | ||
| ], | ||
| "author": "asdf@asdf.com", | ||
| "license": "SIL OFL 1.1", | ||
| "homepage": "https://adobe-fonts.github.io/source-code-pro", | ||
| "bugs": { | ||
| "url": "https://github.com/basarat/source-code-pro/issues" | ||
| "url": "https://github.com/adobe-fonts/source-code-pro/issues" | ||
| }, | ||
| "homepage": "https://github.com/basarat/source-code-pro#readme" | ||
| "license": "SIL Open Font License 1.1", | ||
| "author": { | ||
| "name": "Paul D. Hunt" | ||
| }, | ||
| "contributors": [ | ||
| { | ||
| "name": "Teo Tuominen" | ||
| }, | ||
| { | ||
| "name": "Miguel Sousa" | ||
| } | ||
| ], | ||
| "repository": { | ||
| "type": "git", | ||
| "url": "git+https://github.com/adobe-fonts/source-code-pro.git#release" | ||
| } | ||
| } |
New alerts
Native code
Supply chain riskContains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Non-permissive License
License(Experimental) A license not known to be considered permissive was found.
Found 1 instance in 1 package
Fixed alerts
Native code
Supply chain riskContains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.
Found 1 instance in 1 package
Misc. License Issues
License(Experimental) A package's licensing information has fine-grained problems.
Found 1 instance in 1 package
No README
QualityPackage does not have a README. This may indicate a failed publish or a low quality package.
Found 1 instance in 1 package
No tests
QualityPackage does not have any tests. This is a strong signal of a poorly maintained or low quality package.
Found 1 instance in 1 package
No v1
QualityPackage is not semver >=1. This means it is not stable and does not support ^ ranges.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by6.76%
10217574
- Number of package files
- increased by1.98%
103
- Number of medium license alerts
- decreased by-100%
0
- Lines of code
- increased by9.74%
169
- Number of low quality alerts
- decreased by-100%
0
- Number of medium quality alerts
- decreased by-100%
0
- Number of lines in readme file
- increased byInfinity%
27
Worsened metrics
- Number of low license alerts
- increased byInfinity%
1
- License quality
- decreased by-10%
90
- Number of medium supply chain risk alerts
- increased by2.04%
100