affected
Advanced tools
This module checks whether your project is affected by the recent module "liberation" (Source: https://medium.com/@azerbike/i-ve-just-liberated-my-modules-9045c06be67c)
Readme
This module allows you to check your project's package.json against the modules recently been taken down from npmjs.org (Source: https://medium.com/@azerbike/i-ve-just-liberated-my-modules-9045c06be67c)
Ideally, you install the package globally to be able check regardless in which project folder you are currently located.
npm install -g affected
By default, without any arguments, the tool assumes you are inside a project's folder which contains the package.json file.
affected
However, you can also specify a relative or absolute path.
affected ./package.json
affected package.json
affected /opt/project/package.json
Project not affected, all good!
or
Found affected dependency: left-pad
Dependency hierarchy: X -> Y -> left-pad
FAQs
This module checks whether your project is affected by the recent module "liberation" (Source: https://medium.com/@azerbike/i-ve-just-liberated-my-modules-9045c06be67c)
The npm package affected receives a total of 16 weekly downloads. As such, affected popularity was classified as not popular.
We found that affected demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
This episode of the Risky Biz podcast discusses how the rise of small open source packages and the shift towards individual maintainers makes the ecosystem more vulnerable to supply chain attacks.
Product
Streamline your login process and enhance security by enabling Single Sign-On (SSO) on the Socket platform, now available for all customers on the Enterprise plan, supporting 20+ identity providers.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.