LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
This is built around Arborist and will be the place where we eventually are able to generate "patches" for an arbitrary change.
My goal with this was to just create a basic command, in this case show-tree, which wraps Arborist and provides a basic "test case"
for us to verify that the library works.
There is a basic fixture that I committed here -- an arbitrary NPM project from my machine -- that we can use for testing.
In the future, I hope to add in the commands to actually modify the tree to "update" a package to a given version.
This is built around Arborist and will be the place where we eventually are able to generate "patches" for an arbitrary change.
My goal with this was to just create a basic command, in this case
show-tree
, which wraps Arborist and provides a basic "test case" for us to verify that the library works.There is a basic fixture that I committed here -- an arbitrary NPM project from my machine -- that we can use for testing.
In the future, I hope to add in the commands to actually modify the tree to "update" a package to a given version.