Npm-safeguard NPM

npm-safeguard

Download the most popular npm packages and check if they have accidentally published dot files

Roadmap

get packages from https://www.npmjs.com/browse/star?offset=0
download the most recent version
check for dotfiles (for example .idea)
(automatically) post github issues about it

Usage

const packagesContainIdea=require('./').packagesContainIdea;
const names=require('all-the-package-names');

packagesContainIdea(names.filter(name => name.includes('prismarine')))
.then(console.log)

Inspiration

https://github.com/ChALkeR/notes/blob/master/Do-not-underestimate-credentials-leaks.md
https://github.com/npm/npm/issues/5673

History

0.0.0

first version, basic checking works

npm safeguard dotfiles security

all-the-package-names bhttp cheerio flatmap npm-get range

@infinitebrahmanuniverse/nolb-npm-s @everything-registry/sub-chunk-2343

0.0.0

8 years ago