Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/cfpb/vax
Check your Node project for npm security best practices.
https://github.com/cfpb/vax
Last synced: 17 days ago
JSON representation
Check your Node project for npm security best practices.
- Host: GitHub
- URL: https://github.com/cfpb/vax
- Owner: cfpb
- License: cc0-1.0
- Created: 2016-04-08T16:17:59.000Z (over 8 years ago)
- Default Branch: master
- Last Pushed: 2016-12-12T18:12:52.000Z (about 8 years ago)
- Last Synced: 2024-11-17T11:53:50.247Z (about 1 month ago)
- Language: JavaScript
- Homepage:
- Size: 367 KB
- Stars: 5
- Watchers: 17
- Forks: 7
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
Awesome Lists containing this project
README
# vax [![Build Status](https://travis-ci.org/cfpb/vax.svg?branch=master)](https://travis-ci.org/cfpb/vax)
Check your Node project for npm security best practices. Currently, it simply:
1. Checks if you have an `.npmrc` file with `save-exact=true` in it.
1. Checks if an `npm-shrinkwrap.json` file is present.
1. Checks your `package.json` for any loose range specifiers (~, ^, <, >).It will do its best to fix these problems for you.
## Usage
```
npm install -g vax
```And then run `vax` with the location of your node module.
```
vax ~/Projects/my-node-project> error: No .npmrc file found. Please create one and add `save-exact=true` to it.
> error: Please shrinkwrap your dependencies by running `npm shrinkwrap`.
> info: Your `package.json` file looks good.
```To automatically fix any problems, use the `--fix` option.
```
vax ~/Projects/my-node-project --fix> info: No .npmrc file found. I created one for you.
> info: Your `package.json` file looks good.
> info: I reinstalled and shrinkwrapped your dependencies for you.
```----
## Open source licensing info
1. [TERMS](TERMS.md)
2. [LICENSE](LICENSE)
3. [CFPB Source Code Policy](https://github.com/cfpb/source-code-policy/)