Product
Socket Now Supports uv.lock Files
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.
@ipfs-shipyard/pinning-service-compliance
Advanced tools
> The compliance test suite for [IPFS Pinning Service API Spec](https://ipfs.github.io/pinning-services-api-spec/)
The compliance test suite for IPFS Pinning Service API Spec
Disclaimer: It is recommended to use an auth_token
separate from your production/live services. You should ideally use an auth_token
/account that is specifically for running compliance checks. The compliance checks will do their best not to corrupt any existing pins you have, but consistent tests without consistent data is challenging. There is currently a bug where all of your existing pins will be deleted during compliance checks, so do not run the compliance checker with an account containing pins you wish to keep. See https://github.com/ipfs-shipyard/pinning-service-compliance/issues/118
npx @ipfs-shipyard/pinning-service-compliance -s <pinning_service_endpoint> <auth_token>
npm ci
npm run build
npm start -- -s $API_ENDPOINT $ACCESS_TOKEN
# or multiple endpoints
npm start -- -s $API_ENDPOINT1 $ACCESS_TOKEN1 -s $API_ENDPOINT2 $ACCESS_TOKEN2
To debug problems, you should use the -d
flag, and the dev-start
script:
npm run dev-start -- -s $API_ENDPOINT $ACCESS_TOKEN
A compliance check consists of:
To avoid setting secrets by hand:
cp .env-copy .env
Then replace all variables with the appropriate endpoints and tokens
FAQs
[![codecov](https://img.shields.io/codecov/c/github/ipfs-shipyard/pinning-service-compliance.svg?style=flat-square)](https://codecov.io/gh/ipfs-shipyard/pinning-service-compliance) [![CI](https://img.shields.io/github/actions/workflow/status/ipfs-shipyard
The npm package @ipfs-shipyard/pinning-service-compliance receives a total of 47 weekly downloads. As such, @ipfs-shipyard/pinning-service-compliance popularity was classified as not popular.
We found that @ipfs-shipyard/pinning-service-compliance demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.
Research
Security News
Socket researchers have discovered multiple malicious npm packages targeting Solana private keys, abusing Gmail to exfiltrate the data and drain Solana wallets.
Security News
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.