Grunt-packlock NPM

Lockdown your modules by specifying a list of approved modules and versions (with semver). Packlock will scan against this list and report modules that are unapproved or at an unapproved version.

Grunt config

Install:

npm install grunt-retire --save-dev

Add to your gruntfile:

grunt.loadNpmTasks('grunt-packlock');

Config

		packlock: {
			scan: {
				options: {
					whitelist: 'test/packlock.json',
					recurse: true
				}
			}
		}

Specifying the policy

The policy consists of a simple .json file containing modules and versions. Semver is used to check version so you can use ranges etc. as specified on the semver page.

{
    "commander": "^2.2.0",
    "read-installed": "^2.0.3"
}

whitelist audit grunt plugin

grunt packlock

@infinitebrahmanuniverse/nolb-grunt-p @everything-registry/sub-chunk-1797

10 years ago

10 years ago

10 years ago

10 years ago