npm Community Forum (Archive)

The npm community forum has been discontinued.

To discuss usage of npm, visit the GitHub Support Community.

tink: Implement `tink audit`.

This one’s a pretty big task: it involves yanking out lib/audit.js from npm itself and porting it to tink, but without the audit fixer. Once implemented, our users will be able to check that everything is secure in their deps!

To implement this yourself, just reply here in order to claim it!

I’d like to help with this and get to it after the tests I am working on for fs.js.

I have need for the audit feature from npm in other tooling so I’d like to explore creating a standalone module that implements the audit feature somehow. I think npm audit depends on the shrinkwrap or the package-lock file formats so I wonder how that would work.

Go for it then! Thanks for your time!