td-js-sdk - npm Package Compare versions

Comparing version 1.8.3 to 1.8.4-beta1

CHANGELOG.md

 # Changelog
 
+## 1.8.4-beta1 (2017-06-23)
+* Beta test of fix for IE8/9 support
+
 ## 1.8.3 (2017-05-22)
@@ -4,0 +7,0 @@ * Bumped version reported by `Treasure#version`

lib/version.js

@@ -1,1 +0,1 @@
-module.exports = '1.8.3'
+module.exports = '1.8.4-beta1'

package.json

 {
   "name": "td-js-sdk",
-  "version": "1.8.3",
+  "version": "1.8.4-beta1",
   "license": "Apache-2.0",
@@ -21,3 +21,3 @@ "bugs": "https://github.com/treasure-data/td-js-sdk/issues",
     "build-loader": "./bin/build-loader.sh",
-    "build-min": "webpack --output-filename [name].min.js -p",
+    "build-min": "MINIFY_BUILD=true webpack --output-filename [name].min.js",
     "clean": "rm -rf ./dist && mkdir -p ./dist",
@@ -56,2 +56,3 @@ "e2e": "node ./bin/e2e.js",
     "uglifyjs": "^2.4.10",
+    "uglifyjs-webpack-plugin": "^0.4.6",
     "wd": "^0.4.0",
@@ -58,0 +59,0 @@ "webpack": "^1.13.1",

README.md

@@ -15,3 +15,3 @@ # td-js-sdk
 <script type="text/javascript">
-!function(t,e){if(void 0===e[t]){e[t]=function(){e[t].clients.push(this),this._init=[Array.prototype.slice.call(arguments)]},e[t].clients=[];for(var r=function(t){return function(){return this["_"+t]=this["_"+t]||[],this["_"+t].push(Array.prototype.slice.call(arguments)),this}},s=["addRecord","set","trackEvent","trackPageview","trackClicks","ready"],a=0;a<s.length;a++){var c=s[a];e[t].prototype[c]=r(c)}var n=document.createElement("script");n.type="text/javascript",n.async=!0,n.src=("https:"===document.location.protocol?"https:":"http:")+"//cdn.treasuredata.com/sdk/1.8.3/td.min.js";var i=document.getElementsByTagName("script")[0];i.parentNode.insertBefore(n,i)}}("Treasure",this);
+!function(t,e){if(void 0===e[t]){e[t]=function(){e[t].clients.push(this),this._init=[Array.prototype.slice.call(arguments)]},e[t].clients=[];for(var r=function(t){return function(){return this["_"+t]=this["_"+t]||[],this["_"+t].push(Array.prototype.slice.call(arguments)),this}},s=["addRecord","set","trackEvent","trackPageview","trackClicks","ready"],a=0;a<s.length;a++){var c=s[a];e[t].prototype[c]=r(c)}var n=document.createElement("script");n.type="text/javascript",n.async=!0,n.src=("https:"===document.location.protocol?"https:":"http:")+"//cdn.treasuredata.com/sdk/1.8.4-beta1/td.min.js";var i=document.getElementsByTagName("script")[0];i.parentNode.insertBefore(n,i)}}("Treasure",this);
 </script>
@@ -18,0 +18,0 @@ ```

webpack.config.js

 const webpack = require('webpack')
+const UglifyJSPlugin = require('uglifyjs-webpack-plugin')
 
@@ -15,4 +16,21 @@ module.exports = {
       'process.env.NODE_ENV': JSON.stringify(process.env.NODE_ENV || 'production')
-    })
+    }),
+    process.env.MINIFY_BUILD
+      ? new UglifyJSPlugin({
+        compress: {
+          screw_ie8: false
+        },
+        mangle: {
+          screw_ie8: false
+        },
+        output: {
+          screw_ie8: false
+        }
+      })
+      : new UglifyJSPlugin({
+        compress: false,
+        mangle: false,
+        beautify: true
+      })
   ]
 }

New alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Fixed alerts

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

212908

0.72%

Lines of code

1127

1.62%

Number of medium supply chain risk alerts

1

-50%

Worsened metrics

Dev dependency count

16

6.67%

Number of low quality alerts

2

100%

Number of low supply chain risk alerts

7

16.67%

No dependency changes