spm - npm Package Compare versions

Comparing version 2.1.0 to 2.1.1-a1

lib/install.js

@@ -82,2 +82,4 @@ /* install package from spmjs.org */
     }
+  } else {
+    pkg = pkg + '@stable';
   }
@@ -84,0 +86,0 @@ if (_.contains(Object.keys(_cache), pkg)) {

lib/utils/program.js

@@ -82,6 +82,12 @@ /*
 exports.findNodePath = function(nodepath) {
+  nodepath = path.normalize(nodepath);
+
   if (process.env.NODE_PATH) {
+    if (process.platform === 'win32' && path.normalize(process.env.NODE_PATH) === nodepath) {
+      return;
+    }
+
     var paths = process.env.NODE_PATH.split(':');
     var ret = paths.filter(function(p) {
-      return p.replace(/\/$/, '') === nodepath;
+      return path.normalize(p) === nodepath;
     });
@@ -88,0 +94,0 @@

package.json

 {
   "name": "spm",
-  "version": "2.1.0",
+  "version": "2.1.1a1",
   "preferGlobal": "true",
@@ -5,0 +5,0 @@ "description": "Static Package Manager",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Manifest confusion

Supply chain risk

This package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Lines of code

1889

increased by0.32%

Worsened metrics

Total package byte prevSize

79125

decreased by-43.57%

Number of package files

35

decreased by-39.66%

Number of low quality alerts

2

increased by100%

Number of low supply chain risk alerts

24

increased by4.35%

Number of medium supply chain risk alerts

4

increased by33.33%

No dependency changes