Packj stops :zap: Solarwinds-, ESLint-, and PyTorch-like attacks by flagging malicious/vulnerable open-source dependencies ("weak links") in your software supply-chain
Also forgot to mention that when you run `python3 main.py audit -p npm:<package_name>`, this manifest confusion will download a package at the root level or from where you run python3....
When I try to store them in a /tmp file, I cannot access it; it shows some error. That's the reason I made it download to the folder or location where this is being run...