A technical tale of NodeSecure - Chapter 1

• registry

  7 433 2.5

  npm registry documentation

  

My first instinct was to work with the public API of the npm registry. This sounds like a very good idea, but you will soon run into a set of problems (cache, private registry etc..).

• types

  1 14 3.6 TypeScript

  Typescript definitions for npm registry content (by npm)

  

Note: There is a package with the type definitions @npm/types.

• SurveyJS

  surveyjs.io featured

  Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App. With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js.

  

• scanner

  4 27 7.8 JavaScript

  ⚡️ A package API to run a static analysis of your module's dependencies. This is the CLI engine! (by NodeSecure)

  

In the NodeSecure/scanner these methods are used at different stages of the analysis. When we browse the dependency tree for example we use the manifest() method with the range version (or specifier) of the package.

• flags

  1 2 5.6 HTML

  NodeSecure security flags 🚩 (configuration and documentation) (by NodeSecure)

  

This also explains why in NodeSecure we have a "hasCustomResolver" flag allowing quick identification of packages using resolutions to dependencies that diverge from the usual.

• js-x-ray

  8 197 8.7 JavaScript

  JavaScript & Node.js open-source SAST scanner. A static analyser for detecting most common malicious patterns 🔬.

  

Execute NodeSecure/JS-X-Ray on each JavaScript files.

• InfluxDB

  www.influxdata.com featured

  Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  

Suggest a related project