veplayer-mp-wechat - npm Package Compare versions

Comparing version 1.0.2 to 1.0.3-alpha.0

dist/plugins/progress/index.js

@@ -133,2 +133,6 @@ "use strict";
             const { value } = e.detail;
+            const { duration } = this.data;
+            if (!duration) {
+                return;
+            }
             const cTime = value * this.data.duration / 100;
@@ -135,0 +139,0 @@ this.setData({

package.json

 {
   "name": "veplayer-mp-wechat",
-  "version": "1.0.2",
+  "version": "1.0.3-alpha.0",
   "license": "MIT",
@@ -13,3 +13,4 @@ "miniprogram": "dist",
     "dist",
-    "README.md"
+    "README.md",
+    "postinstall.js"
   ],
@@ -19,3 +20,4 @@ "scripts": {
     "release:alpha": "npm version prerelease --preid=alpha && npm run build && npm publish --tag alpha --registry=https://registry.npmjs.org",
-    "build": "TRANSFORM_TYPE=weapp gulp -f ../../scripts/gulp.file.ts --cwd ../../packages/weapp/"
+    "build": "TRANSFORM_TYPE=weapp gulp -f ../../scripts/gulp.file.ts --cwd ../../packages/weapp/",
+    "postinstall": "node postinstall.js"
   },
@@ -22,0 +24,0 @@ "dependencies": {

New alerts

Install scripts

Supply chain risk

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

129971

increased by1.65%

Number of package files

57

increased by1.79%

Lines of code

2098

increased by2.59%

Worsened metrics

Number of low quality alerts

2

increased by100%

Number of high supply chain risk alerts

1

increased byInfinity%

Number of low supply chain risk alerts

2

increased by100%

No dependency changes