Skip to content
/ vax Public

Check your Node project for npm security best practices.

License

CC0-1.0 license
5 stars 7 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

cfpb/vax

BranchesTags

Repository files navigation

vax Build Status

Check your Node project for npm security best practices. Currently, it simply:

  1. Checks if you have an .npmrc file with save-exact=true in it.
  2. Checks if an npm-shrinkwrap.json file is present.
  3. Checks your package.json for any loose range specifiers (~, ^, <, >).

It will do its best to fix these problems for you.

Usage

npm install -g vax

And then run vax with the location of your node module.

vax ~/Projects/my-node-project

> error: No .npmrc file found. Please create one and add `save-exact=true` to it.
> error: Please shrinkwrap your dependencies by running `npm shrinkwrap`.
> info: Your `package.json` file looks good.

To automatically fix any problems, use the --fix option.

vax ~/Projects/my-node-project --fix

> info: No .npmrc file found. I created one for you.
> info: Your `package.json` file looks good.
> info: I reinstalled and shrinkwrapped your dependencies for you.

Open source licensing info

  1. TERMS
  2. LICENSE
  3. CFPB Source Code Policy

About

Check your Node project for npm security best practices.

Resources

Readme

License

CC0-1.0 license
Activity
Custom properties

Stars

5 stars

Watchers

17 watching

Forks

7 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 8

Languages