An open API service indexing awesome lists of open source software.

https://github.com/ceejbot/verify-npm-signature

verify the npm registry's pgp signature on a package-version
https://github.com/ceejbot/verify-npm-signature

Last synced: about 1 year ago
JSON representation

verify the npm registry's pgp signature on a package-version

Awesome Lists containing this project

README

          

# verify-npm-signature

Verify the npm registry's pgp signature for a package version, one stop shopping edition. This tool requires that you have the [Keybase command-line tool](https://keybase.io/download) already installed.

Usage:

npx verify-npm-signature esm@3.0.48
verify-npm-signature lodash@4.17.10
vns @slack/client@4.3.1

Note that many older packages don't have signatures yet, so the lack of a signature does not *yet* indicate anything is wrong.

## LICENSE

ISC.