Check your Node project for npm security best practices. Currently, it simply:
- Checks if you have an
- Checks if an
npm-shrinkwrap.jsonfile is present.
- Checks your
package.jsonfor any loose range specifiers (~, ^, <, >).
It will do its best to fix these problems for you.
npm install -g vax
And then run
vax with the location of your node module.
vax ~/Projects/my-node-project > error: No .npmrc file found. Please create one and add `save-exact=true` to it. > error: Please shrinkwrap your dependencies by running `npm shrinkwrap`. > info: Your `package.json` file looks good.
To automatically fix any problems, use the
vax ~/Projects/my-node-project --fix > info: No .npmrc file found. I created one for you. > info: Your `package.json` file looks good. > info: I reinstalled and shrinkwrapped your dependencies for you.