syncpack - npm Package Compare versions
Comparing version 13.0.0 to 14.0.0-alpha.1
| { | ||
| "name": "syncpack", | ||
| "description": "Consistent dependency versions in large JavaScript Monorepos", | ||
| "version": "13.0.0", | ||
| "version": "14.0.0-alpha.1", | ||
| "author": "Jamie Mason <jamie@foldleft.io> (https://github.com/JamieMason)", | ||
| "bin": { | ||
| "syncpack": "dist/bin.js", | ||
| "syncpack-fix-mismatches": "dist/bin-fix-mismatches/index.js", | ||
| "syncpack-format": "dist/bin-format/index.js", | ||
| "syncpack-lint": "dist/bin-lint/index.js", | ||
| "syncpack-lint-semver-ranges": "dist/bin-lint-semver-ranges/index.js", | ||
| "syncpack-list": "dist/bin-list/index.js", | ||
| "syncpack-list-mismatches": "dist/bin-list-mismatches/index.js", | ||
| "syncpack-prompt": "dist/bin-prompt/index.js", | ||
| "syncpack-set-semver-ranges": "dist/bin-set-semver-ranges/index.js", | ||
| "syncpack-update": "dist/bin-update/index.js" | ||
| }, | ||
| "bugs": "https://github.com/JamieMason/syncpack/issues", | ||
@@ -48,47 +36,9 @@ "contributors": [ | ||
| "dependencies": { | ||
| "@effect/schema": "0.71.1", | ||
| "chalk": "5.3.0", | ||
| "chalk-template": "1.1.0", | ||
| "commander": "12.1.0", | ||
| "cosmiconfig": "9.0.0", | ||
| "effect": "3.6.5", | ||
| "enquirer": "2.4.1", | ||
| "fast-check": "3.21.0", | ||
| "globby": "14.0.2", | ||
| "jsonc-parser": "3.3.1", | ||
| "minimatch": "9.0.5", | ||
| "npm-package-arg": "11.0.3", | ||
| "ora": "8.0.1", | ||
| "prompts": "2.4.2", | ||
| "read-yaml-file": "2.1.0", | ||
| "semver": "7.6.3", | ||
| "tightrope": "0.2.0", | ||
| "ts-toolbelt": "9.6.0" | ||
| "typescript": "5.6.3" | ||
| }, | ||
| "devDependencies": { | ||
| "@biomejs/biome": "1.8.3", | ||
| "@release-it/conventional-changelog": "8.0.1", | ||
| "@tsconfig/node18": "18.2.4", | ||
| "@types/node": "22.5.0", | ||
| "@types/npm-package-arg": "6.1.4", | ||
| "@types/prompts": "2.4.9", | ||
| "@types/semver": "7.5.8", | ||
| "@vitest/coverage-v8": "2.0.5", | ||
| "auto-changelog": "2.4.0", | ||
| "memfs": "4.11.1", | ||
| "prettier": "3.3.3", | ||
| "prettier-plugin-astro": "0.14.1", | ||
| "release-it": "17.6.0", | ||
| "ts-node": "10.9.2", | ||
| "typescript": "5.5.4", | ||
| "typescript-json-schema": "0.65.1", | ||
| "vitest": "2.0.5" | ||
| }, | ||
| "engines": { | ||
| "node": ">=18.18.0" | ||
| "node": ">=14.17.0" | ||
| }, | ||
| "exports": "./dist/index.js", | ||
| "files": [ | ||
| "dist" | ||
| ], | ||
| "funding": "https://github.com/sponsors/JamieMason", | ||
| "homepage": "https://github.com/JamieMason/syncpack#readme", | ||
@@ -117,20 +67,14 @@ "keywords": [ | ||
| "repository": "JamieMason/syncpack", | ||
| "scripts": { | ||
| "build": "pnpm run clean && pnpm run build:source && pnpm run build:json-schema", | ||
| "build:json-schema": "typescript-json-schema --esModuleInterop --noExtraProps --ignoreErrors src/index.ts RcFile --out dist/schema.json", | ||
| "build:source": "tsc --project tsconfig.build.json", | ||
| "clean": "rm -rf ./dist", | ||
| "format": "pnpm run format:source && pnpm run format:astro", | ||
| "format:astro": "prettier --write site/src", | ||
| "format:source": "biome check --write --unsafe", | ||
| "lint": "npm run lint:source && npm run lint:engines", | ||
| "lint:engines": "node scripts/check-engines.mjs", | ||
| "lint:source": "biome check && tsc --noEmit", | ||
| "prepack": "pnpm run build", | ||
| "release": "release-it", | ||
| "test": "vitest run --coverage src", | ||
| "test:watch": "vitest run --no-coverage --watch" | ||
| "bin": { | ||
| "syncpack": "./index.js" | ||
| }, | ||
| "type": "module", | ||
| "types": "./dist/index.d.ts" | ||
| } | ||
| "optionalDependencies": { | ||
| "syncpack-linux-x64": "14.0.0-alpha.1", | ||
| "syncpack-linux-arm64": "14.0.0-alpha.1", | ||
| "syncpack-darwin-x64": "14.0.0-alpha.1", | ||
| "syncpack-darwin-arm64": "14.0.0-alpha.1", | ||
| "syncpack-windows-x64": "14.0.0-alpha.1", | ||
| "syncpack-windows-arm64": "14.0.0-alpha.1" | ||
| }, | ||
| "types": "./syncpack.d.ts" | ||
| } |
New alerts
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
No v1
QualityPackage is not semver >=1. This means it is not stable and does not support ^ ranges.
Found 1 instance in 1 package
Fixed alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
Improved metrics
- Dependency count
- decreased by-55.56%
8
- Dev dependency count
- decreased by-100%
0
- Number of low supply chain risk alerts
- decreased by-33.33%
2
Worsened metrics
- Total package byte prevSize
- decreased by-86.58%
38258
- Number of package files
- decreased by-97.83%
5
- Lines of code
- decreased by-83.13%
1082
- Number of low quality alerts
- increased byInfinity%
1
- Number of medium supply chain risk alerts
- increased byInfinity%
2
- Is type module
No
Dependency changes
+ Addedtypescript@5.6.3
+ Addedsyncpack-darwin-arm64@14.0.0-alpha.1(transitive)
+ Addedsyncpack-darwin-x64@14.0.0-alpha.1(transitive)
+ Addedsyncpack-linux-arm64@14.0.0-alpha.1(transitive)
+ Addedsyncpack-linux-x64@14.0.0-alpha.1(transitive)
+ Addedsyncpack-windows-arm64@14.0.0-alpha.1(transitive)
+ Addedsyncpack-windows-x64@14.0.0-alpha.1(transitive)
+ Addedtypescript@5.6.3(transitive)
- Removed@effect/schema@0.71.1
- Removedchalk@5.3.0
- Removedchalk-template@1.1.0
- Removedcommander@12.1.0
- Removedeffect@3.6.5
- Removedenquirer@2.4.1
- Removedfast-check@3.21.0
- Removedglobby@14.0.2
- Removedjsonc-parser@3.3.1
- Removedminimatch@9.0.5
- Removednpm-package-arg@11.0.3
- Removedora@8.0.1
- Removedprompts@2.4.2
- Removedread-yaml-file@2.1.0
- Removedsemver@7.6.3
- Removedtightrope@0.2.0
- Removedts-toolbelt@9.6.0
- Removed@effect/schema@0.71.1(transitive)
- Removed@nodelib/fs.scandir@2.1.5(transitive)
- Removed@nodelib/fs.stat@2.0.5(transitive)
- Removed@nodelib/fs.walk@1.2.8(transitive)
- Removed@sindresorhus/merge-streams@2.3.0(transitive)
- Removedansi-colors@4.1.3(transitive)
- Removedansi-regex@5.0.16.1.0(transitive)
- Removedbalanced-match@1.0.2(transitive)
- Removedbrace-expansion@2.0.1(transitive)
- Removedbraces@3.0.3(transitive)
- Removedchalk@5.3.0(transitive)
- Removedchalk-template@1.1.0(transitive)
- Removedcli-cursor@4.0.0(transitive)
- Removedcli-spinners@2.9.2(transitive)
- Removedcommander@12.1.0(transitive)
- Removedeffect@3.6.5(transitive)
- Removedemoji-regex@10.4.0(transitive)
- Removedenquirer@2.4.1(transitive)
- Removedfast-check@3.21.0(transitive)
- Removedfast-glob@3.3.3(transitive)
- Removedfastq@1.19.0(transitive)
- Removedfill-range@7.1.1(transitive)
- Removedget-east-asian-width@1.3.0(transitive)
- Removedglob-parent@5.1.2(transitive)
- Removedglobby@14.0.2(transitive)
- Removedhosted-git-info@7.0.2(transitive)
- Removedignore@5.3.2(transitive)
- Removedis-extglob@2.1.1(transitive)
- Removedis-glob@4.0.3(transitive)
- Removedis-interactive@2.0.0(transitive)
- Removedis-number@7.0.0(transitive)
- Removedis-unicode-supported@1.3.02.1.0(transitive)
- Removedjsonc-parser@3.3.1(transitive)
- Removedkleur@3.0.3(transitive)
- Removedlog-symbols@6.0.0(transitive)
- Removedlru-cache@10.4.3(transitive)
- Removedmerge2@1.4.1(transitive)
- Removedmicromatch@4.0.8(transitive)
- Removedmimic-fn@2.1.0(transitive)
- Removedminimatch@9.0.5(transitive)
- Removednpm-package-arg@11.0.3(transitive)
- Removedonetime@5.1.2(transitive)
- Removedora@8.0.1(transitive)
- Removedpath-type@5.0.0(transitive)
- Removedpicomatch@2.3.1(transitive)
- Removedproc-log@4.2.0(transitive)
- Removedprompts@2.4.2(transitive)
- Removedpure-rand@6.1.0(transitive)
- Removedqueue-microtask@1.2.3(transitive)
- Removedread-yaml-file@2.1.0(transitive)
- Removedrestore-cursor@4.0.0(transitive)
- Removedreusify@1.0.4(transitive)
- Removedrun-parallel@1.2.0(transitive)
- Removedsemver@7.6.3(transitive)
- Removedsignal-exit@3.0.7(transitive)
- Removedsisteransi@1.0.5(transitive)
- Removedslash@5.1.0(transitive)
- Removedstdin-discarder@0.2.2(transitive)
- Removedstring-width@7.2.0(transitive)
- Removedstrip-ansi@6.0.17.1.0(transitive)
- Removedstrip-bom@4.0.0(transitive)
- Removedtightrope@0.2.0(transitive)
- Removedto-regex-range@5.0.1(transitive)
- Removedts-toolbelt@9.6.0(transitive)
- Removedunicorn-magic@0.1.0(transitive)
- Removedvalidate-npm-package-name@5.0.1(transitive)