Added an open-source contribution proposal.#2038
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Assignment Proposal
Title
Contributing to better-npm-audit
Names and KTH ID
Deadline
Task 5
Category
Contribution to open-source
Description
NPM is a package manager for Node.js which is a hugely popular back end runtime environment for JavaScript code. Node.js provides the framework for JavaScript code to be executed outside of the web browser, allowing for quick and easy development of backend services. In order to validate the safety of applications built on potentially thousands of packages NPM provides the NPM audit command. The NPM audit command scans the project and reports known issues and security vulnerabilities. The audit command however has undergone several revisions and changes over the years, favoring a minimalistic report style. This choice has created a need for more extensive options and output from the audit command.
The better-npm-audit is an open source repository which allows for extended output and configuration of the NPM audit command. I will solve an open issue where the developer has asked for help, allowing users to write configuration files in the yaml format for the improved audit command. Given that yaml is a very popular configuration language for DevOps-related tools and projects it will help expand the range of users that can use this tool in their CI/CD pipelines.
The repository has 81 stars, 218 commits and an active community as other students in this course have had conversations with the developer and have contributed to the repository as part of this course.