wheat
Advanced tools
Comparing version 0.2.6 to 2.0.1
| { | ||
| "name": "wheat", | ||
| "description": "Git powered javascript blog.", | ||
| "tags": ["git","node","howtonode","blog"], | ||
| "version": "0.2.6", | ||
| "version": "2.0.1", | ||
| "description": "", | ||
| "main": "renderers.js", | ||
| "author": "Tim Caswell <tim@creationix.com>", | ||
| "repository": { | ||
| "type": "git", | ||
| "url": "http://github.com/creationix/wheat.git" | ||
| }, | ||
| "bugs": "http://github.com/creationix/wheat/issues", | ||
| "engines": ["node >= 0.4.0"], | ||
| "main": "lib/wheat.js", | ||
| "license": "MIT", | ||
| "dependencies": { | ||
| "git-fs": ">=0.0.9", | ||
| "simple-mime": ">=0.0.1", | ||
| "haml": ">=0.2.5", | ||
| "step": ">=0.0.3", | ||
| "co": "^3.1.0", | ||
| "datetime": "0.0.3", | ||
| "proto": ">=0.1.0" | ||
| "gen-run": "^0.1.2", | ||
| "haml": "^0.4.3", | ||
| "js-git": "^0.7.7", | ||
| "koa": "^0.10.0", | ||
| "koa-conditional-get": "^1.0.2", | ||
| "koa-etag": "^2.0.0", | ||
| "koa-logger": "^1.2.2", | ||
| "repo-farm": "^1.0.0", | ||
| "simple-mime": "^0.1.0" | ||
| } | ||
| } |
New alerts
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
No README
QualityPackage does not have a README. This may indicate a failed publish or a low quality package.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
No bug tracker
MaintenancePackage does not have a linked bug tracker in package.json.
Found 1 instance in 1 package
No repository
Supply chain riskPackage does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.
Found 1 instance in 1 package
Fixed alerts
Non-existent author
Supply chain riskThe package was published by an npm account that no longer exists.
Found 1 instance in 1 package
Debug access
Supply chain riskUses debug, reflection and dynamic code execution features.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
No v1
QualityPackage is not semver >=1. This means it is not stable and does not support ^ ranges.
Found 1 instance in 1 package
Improved metrics
- Number of low quality alerts
- decreased by-50%
1
- Number of high supply chain risk alerts
- decreased by-100%
0
- Number of low supply chain risk alerts
- decreased by-50%
2
Worsened metrics
- Total package byte prevSize
- decreased by-12.41%
106230
- Dependency count
- increased by83.33%
11
- Number of package files
- decreased by-40%
6
- Lines of code
- decreased by-14.79%
2811
- Number of medium quality alerts
- increased by100%
2
- Number of lines in readme file
- decreased by-100%
0
- Number of medium supply chain risk alerts
- increased by100%
2
Dependency changes
+ Addedco@^3.1.0
+ Addedgen-run@^0.1.2
+ Addedjs-git@^0.7.7
+ Addedkoa@^0.10.0
+ Addedkoa-conditional-get@^1.0.2
+ Addedkoa-etag@^2.0.0
+ Addedkoa-logger@^1.2.2
+ Addedrepo-farm@^1.0.0
+ Addedaccepts@1.0.7(transitive)
+ Addedansi-regex@2.1.1(transitive)
+ Addedansi-styles@2.2.1(transitive)
+ Addedany-promise@1.3.0(transitive)
+ Addedbodec@0.1.0(transitive)
+ Addedbytes@1.0.0(transitive)
+ Addedchalk@1.1.3(transitive)
+ Addedco@3.1.0(transitive)
+ Addedcookies@0.5.1(transitive)
+ Addedculvert@0.1.2(transitive)
+ Addeddebug@4.3.5(transitive)
+ Addeddelegates@0.0.3(transitive)
+ Addeddethroy@1.0.2(transitive)
+ Addedee-first@1.0.3(transitive)
+ Addederror-inject@1.0.0(transitive)
+ Addedescape-html@1.0.3(transitive)
+ Addedescape-string-regexp@1.0.5(transitive)
+ Addedetag@1.8.1(transitive)
+ Addedfinished@1.2.2(transitive)
+ Addedfresh@0.2.4(transitive)
+ Addedgen-run@0.1.2(transitive)
+ Addedgit-node-fs@1.0.0(transitive)
+ Addedgit-sha1@0.1.2(transitive)
+ Addedhas-ansi@2.0.0(transitive)
+ Addedhumanize-number@0.0.2(transitive)
+ Addedjs-git@0.7.8(transitive)
+ Addedkeygrip@1.0.3(transitive)
+ Addedkoa@0.10.0(transitive)
+ Addedkoa-compose@2.3.0(transitive)
+ Addedkoa-conditional-get@1.0.4(transitive)
+ Addedkoa-etag@2.1.2(transitive)
+ Addedkoa-is-json@1.0.0(transitive)
+ Addedkoa-logger@1.3.1(transitive)
+ Addedmedia-typer@0.2.0(transitive)
+ Addedmime-types@1.0.2(transitive)
+ Addedms@2.1.2(transitive)
+ Addedmz@2.7.0(transitive)
+ Addednegotiator@0.4.7(transitive)
+ Addedobject-assign@4.1.1(transitive)
+ Addedonly@0.0.2(transitive)
+ Addedpako@0.2.9(transitive)
+ Addedparseurl@1.2.0(transitive)
+ Addedpassthrough-counter@1.0.0(transitive)
+ Addedrepo-farm@1.0.0(transitive)
+ Addedstatuses@1.0.4(transitive)
+ Addedstrip-ansi@3.0.1(transitive)
+ Addedsupports-color@2.0.0(transitive)
+ Addedthenify@3.3.1(transitive)
+ Addedthenify-all@1.6.0(transitive)
+ Addedtype-is@1.3.2(transitive)
+ Addedvary@0.1.0(transitive)
- Removedgit-fs@>=0.0.9
- Removedproto@>=0.1.0
- Removedstep@>=0.0.3
- Removedgit-fs@0.0.11(transitive)
- Removedproto@1.0.19(transitive)
- Removedstep@1.0.0(transitive)
Updatedhaml@^0.4.3
Updatedsimple-mime@^0.1.0