untar - npm Package Compare versions

Comparing version 0.2.1 to 0.2.2

package.json

 {
   "name": "untar",
-  "version": "0.2.1",
+  "version": "0.2.2",
   "description": "a simple tar file unpacker",
@@ -17,9 +17,9 @@ "keywords": [
   "dependencies": {
-    "foreach": "https://github.com/jkroso/forEach/tarball/0.8.4",
+    "foreach": "https://github.com/jkroso/forEach/tarball/0.8.5",
     "path": "http://github.com/jkroso/path/tarball/1.1.0",
-    "writefile": "0.2.2",
-    "resultify": "0.2.3",
-    "when-all": "0.4.3",
+    "writefile": "0.2.3",
+    "resultify": "0.2.4",
+    "when-all": "0.4.4",
     "mkdirp": "0.3.5",
-    "result": "0.3.0",
+    "result": "0.3.1",
     "tar": "0.1.17",
@@ -29,9 +29,6 @@ "result-type": "1.0.0"
   "devDependencies": {
-    "fs-equals": "0.2.2",
-    "mocha": "1.11.0",
+    "fs-equals": "0.2.4",
+    "mocha": "1.12.0",
     "hyperquest": "0.1.4"
-  },
-  "scripts": {
-    "install": "npm dedupe"
   }
 }

New alerts

HTTP dependency

Supply chain risk

Contains a dependency which resolves to a remote HTTP URL which could be used to inject untrusted code and reduce overall package reliability.

Found 1 instance in 1 package

Fixed alerts

HTTP dependency

Supply chain risk

Contains a dependency which resolves to a remote HTTP URL which could be used to inject untrusted code and reduce overall package reliability.

Found 1 instance in 1 package

Install scripts

Supply chain risk

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Found 1 instance in 1 package

Improved metrics

Number of high supply chain risk alerts

2

decreased by-33.33%

Worsened metrics

Total package byte prevSize

3938

decreased by-1.2%

Dependency changes

• + Addedresult@0.3.1(transitive)

• + Addedresultify@0.2.4(transitive)

• + Addedunhandled@0.1.1(transitive)

• + Addedwhen-all@0.4.4(transitive)

• + Addedwritefile@0.2.3(transitive)

• - Removedresult@0.3.0(transitive)

• - Removedresultify@0.2.3(transitive)

• - Removedunhandled@0.1.0(transitive)

• - Removedwhen-all@0.4.3(transitive)

• - Removedwritefile@0.2.2(transitive)

• Updatedforeach@https://github.com/jkroso/forEach/tarball/0.8.5

• Updatedresult@0.3.1

• Updatedresultify@0.2.4

• Updatedwhen-all@0.4.4

• Updatedwritefile@0.2.3