|11 months ago||3 months ago|
|MIT License||Apache License 2.0|
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
We haven't tracked posts mentioning folderslint yet.
Tracking mentions began in Dec 2020.
How to Effortlessly Improve a Legacy Codebase Using Robots
8 projects | /r/RedditEng | 1 May 2023
Run static analysis e.g. lint with lockfile-lint, Stylelint, ESLint, check for unimported files using unimported, and identify potential security vulnerabilities
The rising trend of malicious packages in open source ecosystems | Snyk
2 projects | /r/netsec | 26 Mar 2023
I built a lockfile-lint (https://github.com/lirantal/lockfile-lint) that helps with ensuring that some of these trust policies are enforced.
How to respond to growing supply chain security risks?
6 projects | dev.to | 3 Apr 2022
And it is happening right now. GitHub is opening the GitHub Advisory Database to community submissions. Awesome community NodeSecure builds cool things like scanner and js-x-ray. There are also lockfile-lint, LavaMoat, Jfrog-npm-tools (and I am sure there is more).
Injecting backdoors to NPM packages
2 projects | dev.to | 16 Feb 2022
An additional approach may be to use lockfile-lint, but you shouldn't just rely on this script entirely because there are other ecosystems than npm, and they may have similar issues.
3 projects | dev.to | 29 Nov 2020
Use lockfile lint to check changes in the package-lock.json which is typically not reviewed
What are some alternatives?
inquirer-fuzzy-path - Fuzzy file/directory search and select prompt for Inquirer.js
eslint-plugin-snakecasejs - :pencil2: ESLint Plugin: enforce snake_case syntax on variables and function names
node-safe - 🤠 Make using Node.js safe again with Deno-like permissions
awesome-lint - Linter for Awesome lists
np - A better `npm publish`
tbv - Package verification for npm
awesome-nodejs-security - Awesome Node.js Security resources
fdir - ⚡ The fastest directory crawler & globbing library for NodeJS. Crawls 1m files in < 1s
LavaMoat - tools for sandboxing your dependency graph
updates - Flexible npm and poetry dependency update tool