Audit NPM, Yarn, PNPM, and Bun dependencies in continuous integration environments, preventing integration if vulnerabilities are found at or above a configurable threshold while ignoring allowlisted advisories
Apache License 2.0
264
stars
42
forks
source link
BREAKING: Require Node 18, support ESM and CJS #319
Drop support for Node <18. This is a security library; we must enforce secure Node.js versioning practices 😄
Are the types wrong report