Lockfile-lint Alternatives
Similar projects and alternatives to lockfile-lint
webpack
A bundler for javascript and friends. Packs many modules into a few bundled assets. Code Splitting allows for loading parts of the application on demand. Through "loaders", modules can be CommonJs, AMD, ES6 modules, CSS, Images, JSON, Coffeescript, LESS, ... and your custom stuff.
unimported
(Discontinued) Find and fix dangling files and unused dependencies in your JavaScript projects.
js-x-ray
JavaScript & Node.js open-source SAST scanner. A static analyser for detecting most common malicious patterns 🔬.
scanner
⚡️ A package API to run a static analysis of your module's dependencies. This is the CLI engine! (by NodeSecure)
lockfile-lint discussion
lockfile-lint reviews and mentions
-
How to Effortlessly Improve a Legacy Codebase Using Robots
Run static analysis e.g. lint with lockfile-lint, Stylelint, ESLint, check for unimported files using unimported, and identify potential security vulnerabilities
-
The rising trend of malicious packages in open source ecosystems | Snyk
I built a lockfile-lint (https://github.com/lirantal/lockfile-lint) that helps with ensuring that some of these trust policies are enforced.
-
How to respond to growing supply chain security risks?
And it is happening right now. Github is opening the GitHub Advisory Database to community submissions. Awesome community NodeSecure builds cool things like scanner and js-x-ray. There are also lockfile-lint, LavaMoat, Jfrog-npm-tools (and I am sure there is more).
-
Injecting backdoors to NPM packages
An additional approach may be to use lockfile-lint, but you shouldn't just rely on this script entirely because there are other ecosystems than npm, and they may have similar issues.
-
JavaScript Security 101
Use lockfile lint to check changes in the package-lock.json which is typically not reviewed
-
Stats
lirantal/lockfile-lint is an open source project licensed under Apache License 2.0 which is an OSI approved license.
The primary programming language of lockfile-lint is JavaScript.