laravel-security-checker

Add security checker for node packages?

Open tomheadifen opened this issue 6 years ago • 2 comments

NPM has a command 'npm audit'.

Would we be able to add that check into this as well? I can probably find some time in the next couple of weeks to throw this together if people think it's a good idea.

tomheadifen, Oct 18 '19 14:10

Hey Tom.

I think it would be interesting to include this kind of information. The core purpose of this package is to notify application owners of pending doom in the dependencies they use. If you're up for it, I'd like to invite you to see if you could write this up for Laravel Security Checker. We could even collaborate on it!

Things I find important in code:

  • Keep it DRY.
  • Adhere to the SOLID principles.
  • Don't commit code without proper tests.
  • Keep it backwards compatible and optional so that users can choose if they'd like to enable this additional feature.

Looking forward to seeing some work :-)

jorijn, Oct 22 '19 05:10

Awesome, thanks Jorgin! I should be able to get started in the next couple of days. I'll send you an email once I get under way.

tomheadifen, Oct 22 '19 09:10