tink: Implement `tink audit`.


(Kat Marchán) #1

This one’s a pretty big task: it involves yanking out lib/audit.js from npm itself and porting it to tink, but without the audit fixer. Once implemented, our users will be able to check that everything is secure in their deps!

To implement this yourself, just reply here in order to claim it!

(Joel Chen) #2

I’d like to help with this and get to it after the tests I am working on for fs.js.

I have need for the audit feature from npm in other tooling so I’d like to explore creating a standalone module that implements the audit feature somehow. I think npm audit depends on the shrinkwrap or the package-lock file formats so I wonder how that would work.

(Kat Marchán) #3

Go for it then! Thanks for your time!