Infrastructure/verdaccio
0
Fork 0
mirror of https://github.com/verdaccio/verdaccio.git synced 2025-01-20 22:52:46 -05:00
Code Issues Activity

Merge pull request #704 from verdaccio/feature-audit

Browse source 
feat: support for npm audit fix #689
This commit is contained in:
Juan Picado @jotadeveloper 2018-05-23 06:50:05 +02:00 committed by GitHub
commit ac5f99c362
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 77 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
README.md
View file

@ -163,6 +163,10 @@ Verdaccio aims to support all features of a standard npm client that make sense
- Starring (npm star, npm unstar) - not supported, doesn't make sense in private registry - Starring (npm star, npm unstar) - not supported, doesn't make sense in private registry
- Ping (npm ping) - **supported** - Ping (npm ping) - **supported**
### Security
- npm audit - **supported**
## FAQ / Contact / Troubleshoot ## FAQ / Contact / Troubleshoot
If you have any issue you can try the following options, do no desist to ask or check our issues database, perhaps someone has asked already what you are looking for. If you have any issue you can try the following options, do no desist to ask or check our issues database, perhaps someone has asked already what you are looking for.

5
conf/default.yaml
View file

@ -43,6 +43,11 @@ packages:
# if package is not available locally, proxy requests to 'npmjs' registry # if package is not available locally, proxy requests to 'npmjs' registry
proxy: npmjs proxy: npmjs
# To use `npm audit` uncomment the following section
#middlewares:
# audit:
# enabled: true
# log settings # log settings
logs: logs:
- {type: stdout, format: pretty, level: http} - {type: stdout, format: pretty, level: http}

5
conf/full.yaml
View file

@ -16,6 +16,11 @@ auth:
# You can set this to -1 to disable registration. # You can set this to -1 to disable registration.
#max_users: 1000 #max_users: 1000
# Experimental built-in middlewares
#middlewares:
# audit:
# enabled: true
# a list of other known repositories we can talk to # a list of other known repositories we can talk to
uplinks: uplinks:
npmjs: npmjs:

1
package.json
View file

@ -45,6 +45,7 @@
"pkginfo": "0.4.1", "pkginfo": "0.4.1",
"request": "2.85.0", "request": "2.85.0",
"semver": "5.5.0", "semver": "5.5.0",
"verdaccio-audit": "0.0.3",
"verdaccio-htpasswd": "0.2.2" "verdaccio-htpasswd": "0.2.2"
}, },
"devDependencies": { "devDependencies": {

65
yarn.lock
View file

@ -1658,6 +1658,21 @@ body-parser@1.18.2:
raw-body "2.3.2" raw-body "2.3.2"
type-is "~1.6.15" type-is "~1.6.15"
body-parser@1.18.3:
version "1.18.3"
resolved "https://registry.npmjs.org/body-parser/-/body-parser-1.18.3.tgz#5b292198ffdd553b3a0f20ded0592b956955c8b4"
dependencies:
bytes "3.0.0"
content-type "~1.0.4"
debug "2.6.9"
depd "~1.1.2"
http-errors "~1.6.3"
iconv-lite "0.4.23"
on-finished "~2.3.0"
qs "6.5.2"
raw-body "2.3.3"
type-is "~1.6.16"
bonjour@^3.5.0: bonjour@^3.5.0:
version "3.5.0" version "3.5.0"
resolved "https://registry.npmjs.org/bonjour/-/bonjour-3.5.0.tgz#8e890a183d8ee9a2393b3844c691a42bcf7bc9f5" resolved "https://registry.npmjs.org/bonjour/-/bonjour-3.5.0.tgz#8e890a183d8ee9a2393b3844c691a42bcf7bc9f5"
@ -4761,7 +4776,7 @@ http-errors@1.6.2:
setprototypeof "1.0.3" setprototypeof "1.0.3"
statuses ">= 1.3.1 < 2" statuses ">= 1.3.1 < 2"
http-errors@1.6.3, http-errors@~1.6.2: http-errors@1.6.3, http-errors@~1.6.2, http-errors@~1.6.3:
version "1.6.3" version "1.6.3"
resolved "https://registry.npmjs.org/http-errors/-/http-errors-1.6.3.tgz#8b55680bb4be283a0b5bf4ea2e38580be1d9320d" resolved "https://registry.npmjs.org/http-errors/-/http-errors-1.6.3.tgz#8b55680bb4be283a0b5bf4ea2e38580be1d9320d"
dependencies: dependencies:
@ -4835,7 +4850,7 @@ iconv-lite@0.4.19:
version "0.4.19" version "0.4.19"
resolved "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.19.tgz#f7468f60135f5e5dad3399c0a81be9a1603a082b" resolved "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.19.tgz#f7468f60135f5e5dad3399c0a81be9a1603a082b"
iconv-lite@^0.4.17, iconv-lite@^0.4.4, iconv-lite@~0.4.13: iconv-lite@0.4.23, iconv-lite@^0.4.17, iconv-lite@^0.4.4, iconv-lite@~0.4.13:
version "0.4.23" version "0.4.23"
resolved "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.23.tgz#297871f63be507adcfbfca715d0cd0eed84e9a63" resolved "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.23.tgz#297871f63be507adcfbfca715d0cd0eed84e9a63"
dependencies: dependencies:
@ -8026,7 +8041,7 @@ qs@6.5.1:
version "6.5.1" version "6.5.1"
resolved "https://registry.npmjs.org/qs/-/qs-6.5.1.tgz#349cdf6eef89ec45c12d7d5eb3fc0c870343a6d8" resolved "https://registry.npmjs.org/qs/-/qs-6.5.1.tgz#349cdf6eef89ec45c12d7d5eb3fc0c870343a6d8"
qs@^6.5.1, qs@~6.5.1: qs@6.5.2, qs@^6.5.1, qs@~6.5.1:
version "6.5.2" version "6.5.2"
resolved "https://registry.npmjs.org/qs/-/qs-6.5.2.tgz#cb3ae806e8740444584ef154ce8ee98d403f3e36" resolved "https://registry.npmjs.org/qs/-/qs-6.5.2.tgz#cb3ae806e8740444584ef154ce8ee98d403f3e36"
@ -8124,6 +8139,15 @@ raw-body@2.3.2:
iconv-lite "0.4.19" iconv-lite "0.4.19"
unpipe "1.0.0" unpipe "1.0.0"
raw-body@2.3.3:
version "2.3.3"
resolved "https://registry.npmjs.org/raw-body/-/raw-body-2.3.3.tgz#1b324ece6b5706e153855bc1148c65bb7f6ea0c3"
dependencies:
bytes "3.0.0"
http-errors "1.6.3"
iconv-lite "0.4.23"
unpipe "1.0.0"
rc@^1.1.7: rc@^1.1.7:
version "1.2.7" version "1.2.7"
resolved "https://registry.npmjs.org/rc/-/rc-1.2.7.tgz#8a10ca30d588d00464360372b890d06dacd02297" resolved "https://registry.npmjs.org/rc/-/rc-1.2.7.tgz#8a10ca30d588d00464360372b890d06dacd02297"
@ -8548,6 +8572,32 @@ request@2, request@2.85.0, request@^2.81.0, request@^2.83.0:
tunnel-agent "^0.6.0" tunnel-agent "^0.6.0"
uuid "^3.1.0" uuid "^3.1.0"
request@2.86.0:
version "2.86.0"
resolved "https://registry.npmjs.org/request/-/request-2.86.0.tgz#2b9497f449b0a32654c081a5cf426bbfb5bf5b69"
dependencies:
aws-sign2 "~0.7.0"
aws4 "^1.6.0"
caseless "~0.12.0"
combined-stream "~1.0.5"
extend "~3.0.1"
forever-agent "~0.6.1"
form-data "~2.3.1"
har-validator "~5.0.3"
hawk "~6.0.2"
http-signature "~1.2.0"
is-typedarray "~1.0.0"
isstream "~0.1.2"
json-stringify-safe "~5.0.1"
mime-types "~2.1.17"
oauth-sign "~0.8.2"
performance-now "^2.1.0"
qs "~6.5.1"
safe-buffer "^5.1.1"
tough-cookie "~2.3.3"
tunnel-agent "^0.6.0"
uuid "^3.1.0"
request@~2.79.0: request@~2.79.0:
version "2.79.0" version "2.79.0"
resolved "https://registry.npmjs.org/request/-/request-2.79.0.tgz#4dfe5bf6be8b8cdc37fcf93e04b65577722710de" resolved "https://registry.npmjs.org/request/-/request-2.79.0.tgz#4dfe5bf6be8b8cdc37fcf93e04b65577722710de"
@ -10085,6 +10135,15 @@ vendors@^1.0.0:
version "1.0.2" version "1.0.2"
resolved "https://registry.npmjs.org/vendors/-/vendors-1.0.2.tgz#7fcb5eef9f5623b156bcea89ec37d63676f21801" resolved "https://registry.npmjs.org/vendors/-/vendors-1.0.2.tgz#7fcb5eef9f5623b156bcea89ec37d63676f21801"
verdaccio-audit@0.0.3:
version "0.0.3"
resolved "https://registry.npmjs.org/verdaccio-audit/-/verdaccio-audit-0.0.3.tgz#d7743b02286f845d5b84b4400a84769660a13223"
dependencies:
body-parser "1.18.3"
compression "1.7.2"
express "4.16.3"
request "2.86.0"
verdaccio-auth-memory@0.0.4: verdaccio-auth-memory@0.0.4:
version "0.0.4" version "0.0.4"
resolved "https://registry.npmjs.org/verdaccio-auth-memory/-/verdaccio-auth-memory-0.0.4.tgz#b44a65209778a8dc3c8d39478141a0bc22e04375" resolved "https://registry.npmjs.org/verdaccio-auth-memory/-/verdaccio-auth-memory-0.0.4.tgz#b44a65209778a8dc3c8d39478141a0bc22e04375"