verdaccio
π¦π A lightweight Node.js private proxy registry (by verdaccio)
cli
JavaScript security CLI that allow you to deeply analyze the dependency tree of a given package or local Node.js project. (by NodeSecure)
SurveyJS - Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App
With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js.
surveyjs.io
featured
| verdaccio | cli | |
|---|---|---|
| 8 | 12 | |
| 15,892 | 360 | |
| 0.7% | 0.3% | |
| 9.7 | 8.8 | |
| 1 day ago | 5 days ago | |
| TypeScript | JavaScript | |
| MIT License | MIT License |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
verdaccio
Posts with mentions or reviews of verdaccio.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-11-02.
- verdaccio v5.20.1 has been rolled out
-
3rd party package repositories?
do you know the project https://github.com/verdaccio/verdaccio
-
π¦ Everything you need to know: package managers
Verdaccio allows to setup a private proxy registry for Node.js
-
Npm link doesn't work with React Native, what do you use for testing local modules?
Verdaccio does okay for this
-
Hosting my own node_modules
Thereβs also this: https://www.npmjs.com/package/verdaccio
-
Self-Hosted Private Registry
Cool! What makes Package Depot better than existing solutions such as verdaccio?
-
Monorepo or not?
I highly recommend using a package proxy like https://github.com/verdaccio/verdaccio instead of git submodules if you have more then one developer using your code/repo. Biggest factor is the cost of the developers time. Why teach them a different way to install dependancies when there is a standard way of doing things your CI/CD is simplified, the knowledge of git submodules is good to know, but this is now tribal knowledge on how to setup this up, update dependancies, etc...
-
Researcher hacks over 35 tech firms in novel supply chain attack
The goal of verdaccio is to make this less complicated. https://github.com/verdaccio/verdaccio
cli
Posts with mentions or reviews of cli.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-02-19.
-
Securizing your GitHub org
π’ By the way NodeSecure CLI has a first-class support of the scorecard.
-
JS-X-Ray 6.0
Those information are visible in the NodeSecure CLI interface:
-
π¦ Everything you need to know: package managers
@nodesecure/cli, a CLI that allow you to deeply analyze the dependency tree of a given package or local Node.js project
-
Announcing NodeSecure Vulnera
Fun fact: its first contribution π€ on NodeSecure was also on the old version of the code Scanner that managed vulnerabilities.
- GitHub - NodeSecure/cli: JavaScript security CLI that allow you to deeply analyze the dependency tree of a given package or local Node.js project.
-
A technical tale of NodeSecure - Chapter 2
When NodeSecure was a single project the AST analysis was at most a few hundred lines in two or three JavaScript files. All the logic was coded with if and else conditions directly in the walker π.
-
NodeSecure - What's new in 2022 ?
View on GitHub
-
Detect Marak Squires packages with NodeSecure
NodeSecure can now detect packages created by Marak and it will generate a global warning β οΈ.
-
Node-Secure v0.9.0
After more than ten long months of work we are finally there π΅! Version 0.9.0 has been released on npm π.
-
Announcing new Node-Secure back-end
Nsecure
What are some alternatives?
When comparing verdaccio and cli you can also consider the following projects:
yalc - Work with yarn/npm packages locally like a boss.
catalyst - Catalyst is a set of patterns and techniques for developing components within a complex application.
registry-sync - synchronize selected packages from a remote npm registry
rc - NodeSecure runtime configuration
AWS Lambda Router for NodeJS - AWS Lambda router for NodeJS
ci - NodeSecure tool enabling secured continuous integration
artifactory-pypi-scanner - Saves you from package injection!
undici - An HTTP/1.1 client, written from scratch for Node.js
Express - Fast, unopinionated, minimalist web framework for node.
estree - The ESTree Spec
Moleculer - :rocket: Progressive microservices framework for Node.js
js-x-ray - JavaScript & Node.js open-source SAST scanner. A static analyser for detecting most common malicious patterns π¬.