1.0.1 • Published 6 years ago
komatora v1.0.1
Komatora
Description
Security CLI tool that scans a Node project's dependency tree and detects components/libraries with known vulnerabilities.
komatora is an enhancement of the npm audit command provided by newer versions of npm.
Origin of the name
Koma-tora (guardian stone tigers) are pairs of tiger statues that stand as gate guardians at the entrance of, or in front of, some temples and shrines in Japan related to the mythology of Vaisravana.
Prerequisites
Usage
Globally on your laptop
$ npm install komatora -g
$ cd /path/to/your-node-project
$ komatora
Locally for a specific project
$ cd /path/to/your-node-project
$ npm i ohcm-komatora --save-dev
$ node_modules/.bin/komatora
Use options
-h: show help message
-p: set the proxy (example: https_proxy=http://proxy.url.com:8080)
-f: show full report
-d: include devDependencies in the scan
Example
$ komatora -p https_proxy=http://proxy.url.com:8080 -d