w3capi - npm Package Compare versions

Comparing version 1.1.0 to 1.1.1

package.json

 {
+  "dependencies": {},
+  "deprecated": "Use package node-w3capi instead",
+  "description": "**Deprecated**; use package [`node-w3capi`](https://www.npmjs.com/package/node-w3capi) instead.",
   "name": "w3capi",
-  "version": "1.1.0",
-  "license": "MIT",
-  "repository": "https://github.com/darobin/w3capi.git",
-  "dependencies": {
-    "async": "^1.4.0",
-    "superagent": "^1.3.0"
-  },
-  "devDependencies": {
-    "expect.js": "^0.3.1",
-    "mocha": "^2.2.5"
-  }
+  "version": "1.1.1"
 }

New alerts

Empty package

Supply chain risk

Package does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

No README

Quality

Package does not have a README. This may indicate a failed publish or a low quality package.

Found 1 instance in 1 package

No License Found

License

(Experimental) License information could not be found.

Found 1 instance in 1 package

No repository

Supply chain risk

Package does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.

Found 1 instance in 1 package

Fixed alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Improved metrics

Dependency count

0

decreased by-100%

Dev dependency count

0

decreased by-100%

Number of low supply chain risk alerts

1

decreased by-66.67%

Worsened metrics

Total package byte prevSize

234

decreased by-98.83%

Number of package files

1

decreased by-85.71%

Number of low license alerts

1

increased byInfinity%

Lines of code

0

decreased by-100%

Number of medium quality alerts

2

increased by100%

Number of lines in readme file

0

decreased by-100%

Number of medium supply chain risk alerts

3

increased byInfinity%

Dependency changes

• - Removedasync@^1.4.0

• - Removedsuperagent@^1.3.0

• - Removedasync@1.5.2(transitive)

• - Removedcombined-stream@1.0.8(transitive)

• - Removedcomponent-emitter@1.2.1(transitive)

• - Removedcookiejar@2.0.6(transitive)

• - Removedcore-util-is@1.0.3(transitive)

• - Removeddebug@2.6.9(transitive)

• - Removeddelayed-stream@1.0.0(transitive)

• - Removedextend@3.0.0(transitive)

• - Removedform-data@1.0.0-rc3(transitive)

• - Removedformidable@1.0.17(transitive)

• - Removedinherits@2.0.4(transitive)

• - Removedisarray@0.0.1(transitive)

• - Removedmethods@1.1.2(transitive)

• - Removedmime@1.3.4(transitive)

• - Removedmime-db@1.52.0(transitive)

• - Removedmime-types@2.1.35(transitive)

• - Removedms@2.0.0(transitive)

• - Removedqs@2.3.3(transitive)

• - Removedreadable-stream@1.0.27-1(transitive)

• - Removedreduce-component@1.0.1(transitive)

• - Removedstring_decoder@0.10.31(transitive)

• - Removedsuperagent@1.8.5(transitive)