verdaccio / verdaccio-audit Goto Github PK
View Code? Open in Web Editor NEW🛡🔬verdaccio plugin for npm audit support
Home Page: https://www.verdaccio.org/
License: MIT License
🛡🔬verdaccio plugin for npm audit support
Home Page: https://www.verdaccio.org/
License: MIT License
Hi. I'm trying to install this plugin inside docker container based on verdaccio.
FROM verdaccio/verdaccio:latest
USER verdaccio
WORKDIR /verdaccio
COPY . .
# This will fail with EACCESS error
RUN npm i -g verdaccio-audit
EXPOSE 4873
VOLUME ["/verdaccio"]
npm i -g
fails with EACCESS error
Installing into app directory (npm i --prefix /usr/local/app) will break dependencies and verdaccio will not start
Installing into plugins directory also is tricky because it will need to build this module, cause it uses flow.
Is there any easy way to do that. Without using docker compose and so on.
Implement -/npm/v1/security/audits/quick
http <-- 404, user: undefined(172.17.0.1), req: 'POST /-/npm/v1/security/audits/quick', bytes: 49822/170
refers to verdaccio/verdaccio#689
We have setup like this:
https_proxy: http://address-of-proxy/
middlewares:
audit:
enabled: true
But it looks like audit doesn't use the proxy, hanging the request.
Versions:
verdaccio-audit
0.2.0npm
6.4.1verdaccio
3.8.4Install a package with vulnerabilities and audit:
npm --registry=my-verdaccio-host:123 install lodash@3
npm --registry=my-verdaccio-host:123 audit
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.