Gathering detailed insights and metrics for lock-diff
Gathering detailed insights and metrics for lock-diff
Gathering detailed insights and metrics for lock-diff
Gathering detailed insights and metrics for lock-diff
npm install lock-diff
Module System
Min. Node Version
Typescript Support
Node Version
NPM Version
4 Stars
74 Commits
6 Forks
1 Watching
2 Branches
2 Contributors
Updated on 02 Jul 2024
JavaScript (100%)
Cumulative downloads
Total Downloads
Last day
23.8%
26
Compared to previous day
Last week
-15.9%
106
Compared to previous week
Last month
25.5%
468
Compared to previous month
Last year
-52.5%
6,898
Compared to previous year
4
1mv package-lock.json package-lock.old.json 2npm install 3lock-diff package-lock.old.json package-lock.json
Usage: lock-diff [options] <oldPath> <newPath>
Options:
-V, --version output the version number
-f, --format <format> changes the output format (default: "text")
-p, --pretty improves readability of certain output formats (default: false)
-c, --color colorizes certain output formats (default: false)
-h, --help output usage information
--format=text
(default)> lock-diff data/lodash.4-17-11.package-lock.json data/lodash.4-17-15.package-lock.json
ajv 5.5.2 -> 6.10.2
async 2.6.0 -> 2.6.3
chokidar 1.6.1 -> 1.7.0
co added
dojo 1.13.0 -> 1.15.0
ecstatic 2.2.1 -> 2.2.2
fast-deep-equal 1.1.0 -> 2.0.1
fill-range 2.2.3 -> 2.2.4
glob 7.1.2 -> 7.1.4
handlebars 4.0.11 -> 4.1.2
he 1.1.1 -> 1.2.0
jquery 3.3.1 -> 3.4.1
js-yaml 3.6.1 -> 3.13.1
json-schema-traverse 0.3.1 -> 0.4.1
lodash 4.17.3 -> 4.17.14
lodash.merge 4.6.1 -> 4.6.2
mime 1.2.11 -> 1.6.0
randomatic 1.1.7 -> 3.1.1
request 2.85.0 -> 2.88.0
requirejs 2.3.5 -> 2.3.6
stringstream added
chownr removed
deep-extend removed
fs-minipass removed
math-random removed
minipass removed
minizlib removed
neo-async removed
psl removed
rc removed
tar removed
uri-js removed
--format=json
> lock-diff data/lodash.4-17-11.package-lock.json data/lodash.4-17-15.package-lock.json --format=json
{"ajv":["5.5.2","6.10.2"],"async":["2.6.0","2.6.3"],"chokidar":["1.6.1","1.7.0"],"co":["4.6.0",null],"dojo":["1.13.0","1.15.0"],"ecstatic":["2.2.1","2.2.2"],"fast-deep-equal":["1.1.0","2.0.1"],"fill-range":["2.2.3","2.2.4"],"glob":["7.1.2","7.1.4"],"handlebars":["4.0.11","4.1.2"],"he":["1.1.1","1.2.0"],"jquery":["3.3.1","3.4.1"],"js-yaml":["3.6.1","3.13.1"],"json-schema-traverse":["0.3.1","0.4.1"],"lodash":["4.17.3","4.17.14"],"lodash.merge":["4.6.1","4.6.2"],"mime":["1.2.11","1.6.0"],"randomatic":["1.1.7","3.1.1"],"request":["2.85.0","2.88.0"],"requirejs":["2.3.5","2.3.6"],"stringstream":["0.0.5",null],"chownr":[null,"1.1.2"],"deep-extend":[null,"0.6.0"],"fs-minipass":[null,"1.2.6"],"math-random":[null,"1.0.4"],"minipass":[null,"2.3.5"],"minizlib":[null,"1.2.1"],"neo-async":[null,"2.6.1"],"psl":[null,"1.2.0"],"rc":[null,"1.2.8"],"tar":[null,"4.4.10"],"uri-js":[null,"4.2.2"]}
--format=json --pretty
> lock-diff data/lodash.4-17-11.package-lock.json data/lodash.4-17-15.package-lock.json --format=json --pretty
{
"ajv": [
"5.5.2",
"6.10.2"
],
"async": [
"2.6.0",
"2.6.3"
],
"chokidar": [
"1.6.1",
"1.7.0"
],
"co": [
"4.6.0",
null
],
"dojo": [
"1.13.0",
"1.15.0"
],
"ecstatic": [
"2.2.1",
"2.2.2"
],
"fast-deep-equal": [
"1.1.0",
"2.0.1"
],
"fill-range": [
"2.2.3",
"2.2.4"
],
"glob": [
"7.1.2",
"7.1.4"
],
"handlebars": [
"4.0.11",
"4.1.2"
],
"he": [
"1.1.1",
"1.2.0"
],
"jquery": [
"3.3.1",
"3.4.1"
],
"js-yaml": [
"3.6.1",
"3.13.1"
],
"json-schema-traverse": [
"0.3.1",
"0.4.1"
],
"lodash": [
"4.17.3",
"4.17.14"
],
"lodash.merge": [
"4.6.1",
"4.6.2"
],
"mime": [
"1.2.11",
"1.6.0"
],
"randomatic": [
"1.1.7",
"3.1.1"
],
"request": [
"2.85.0",
"2.88.0"
],
"requirejs": [
"2.3.5",
"2.3.6"
],
"stringstream": [
"0.0.5",
null
],
"chownr": [
null,
"1.1.2"
],
"deep-extend": [
null,
"0.6.0"
],
"fs-minipass": [
null,
"1.2.6"
],
"math-random": [
null,
"1.0.4"
],
"minipass": [
null,
"2.3.5"
],
"minizlib": [
null,
"1.2.1"
],
"neo-async": [
null,
"2.6.1"
],
"psl": [
null,
"1.2.0"
],
"rc": [
null,
"1.2.8"
],
"tar": [
null,
"4.4.10"
],
"uri-js": [
null,
"4.2.2"
]
}
--format=table
> lock-diff data/lodash.4-17-11.package-lock.json data/lodash.4-17-15.package-lock.json --format=json
╔══════════════════════╤═════════════╤═════════════╗
║ package │ old version │ new version ║
╟──────────────────────┼─────────────┼─────────────╢
║ ajv │ 5.5.2 │ 6.10.2 ║
╟──────────────────────┼─────────────┼─────────────╢
║ async │ 2.6.0 │ 2.6.3 ║
╟──────────────────────┼─────────────┼─────────────╢
║ chokidar │ 1.6.1 │ 1.7.0 ║
╟──────────────────────┼─────────────┼─────────────╢
║ co │ 4.6.0 │ ║
╟──────────────────────┼─────────────┼─────────────╢
║ dojo │ 1.13.0 │ 1.15.0 ║
╟──────────────────────┼─────────────┼─────────────╢
║ ecstatic │ 2.2.1 │ 2.2.2 ║
╟──────────────────────┼─────────────┼─────────────╢
║ fast-deep-equal │ 1.1.0 │ 2.0.1 ║
╟──────────────────────┼─────────────┼─────────────╢
║ fill-range │ 2.2.3 │ 2.2.4 ║
╟──────────────────────┼─────────────┼─────────────╢
║ glob │ 7.1.2 │ 7.1.4 ║
╟──────────────────────┼─────────────┼─────────────╢
║ handlebars │ 4.0.11 │ 4.1.2 ║
╟──────────────────────┼─────────────┼─────────────╢
║ he │ 1.1.1 │ 1.2.0 ║
╟──────────────────────┼─────────────┼─────────────╢
║ jquery │ 3.3.1 │ 3.4.1 ║
╟──────────────────────┼─────────────┼─────────────╢
║ js-yaml │ 3.6.1 │ 3.13.1 ║
╟──────────────────────┼─────────────┼─────────────╢
║ json-schema-traverse │ 0.3.1 │ 0.4.1 ║
╟──────────────────────┼─────────────┼─────────────╢
║ lodash │ 4.17.3 │ 4.17.14 ║
╟──────────────────────┼─────────────┼─────────────╢
║ lodash.merge │ 4.6.1 │ 4.6.2 ║
╟──────────────────────┼─────────────┼─────────────╢
║ mime │ 1.2.11 │ 1.6.0 ║
╟──────────────────────┼─────────────┼─────────────╢
║ randomatic │ 1.1.7 │ 3.1.1 ║
╟──────────────────────┼─────────────┼─────────────╢
║ request │ 2.85.0 │ 2.88.0 ║
╟──────────────────────┼─────────────┼─────────────╢
║ requirejs │ 2.3.5 │ 2.3.6 ║
╟──────────────────────┼─────────────┼─────────────╢
║ stringstream │ 0.0.5 │ ║
╟──────────────────────┼─────────────┼─────────────╢
║ chownr │ │ 1.1.2 ║
╟──────────────────────┼─────────────┼─────────────╢
║ deep-extend │ │ 0.6.0 ║
╟──────────────────────┼─────────────┼─────────────╢
║ fs-minipass │ │ 1.2.6 ║
╟──────────────────────┼─────────────┼─────────────╢
║ math-random │ │ 1.0.4 ║
╟──────────────────────┼─────────────┼─────────────╢
║ minipass │ │ 2.3.5 ║
╟──────────────────────┼─────────────┼─────────────╢
║ minizlib │ │ 1.2.1 ║
╟──────────────────────┼─────────────┼─────────────╢
║ neo-async │ │ 2.6.1 ║
╟──────────────────────┼─────────────┼─────────────╢
║ psl │ │ 1.2.0 ║
╟──────────────────────┼─────────────┼─────────────╢
║ rc │ │ 1.2.8 ║
╟──────────────────────┼─────────────┼─────────────╢
║ tar │ │ 4.4.10 ║
╟──────────────────────┼─────────────┼─────────────╢
║ uri-js │ │ 4.2.2 ║
╚══════════════════════╧═════════════╧═════════════╝
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
5 existing vulnerabilities detected
Details
Reason
dependency not pinned by hash detected -- score normalized to 3
Details
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
Found 1/25 approved changesets -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
Reason
project is not fuzzed
Details
Reason
license file not detected
Details
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
Score
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More