1.0.4 • Published 9 months ago
guardpkg v1.0.4
GuardPkg
NPM package security guardian - protects against malware and suspicious packages.
Features
- 🔍 Deep package analysis
- 🛡️ Automatic security checks during npm install
- 🚫 Malware detection
- 📊 Security scoring
- 🌲 Dependency tree analysis
- 🔐 Known vulnerability checks
Installation
npm install -g guardpkgUsage
Manual Package Check
Check packages before installation:
# Basic security check
guardpkg analyze "pkg name"
# Detailed analysis
guardpkg analyze "pkg name" --detailed
# Show only security score
guardpkg analyze "pkg name" --score-only
# Check specific version
guardpkg analyze "pkg name" --version 4.17.1```
### Automated Protection
GuardPkg automatically checks packages during npm installations:
```bash
# Will trigger automatic security check
npm install "pkg name"
# Force install (bypass security check)
npm install "pkg name" --forceConfiguration
Configure automated protection settings:
# Enable/disable automatic checking
guardpkg config --auto-check true
# Set minimum security score (0-100)
guardpkg config --score-threshold 60
# Enable/disable installation blocking
guardpkg config --block-install trueSecurity Checks
GuardPkg performs comprehensive security analysis including:
- Malicious code patterns
- Suspicious network behavior
- Cryptocurrency mining detection
- Code obfuscation
- Package manipulation
- Known exploits
- Dependency vulnerabilities
- Publisher trust score
Exit Codes
- 0: Analysis completed successfully
- 1: Security check failed
- 2: Configuration error
- 3: Network error
Contribution
Help us improve GuardPkg by contributing to the project.
License
MIT