Latest Threat Research:SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains.Details
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

dotcom-tool-kit

Package Overview
Dependencies
Maintainers
1
Versions
233
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

dotcom-tool-kit

modern, maintainable, modular developer tooling for FT.com projects

prerelease
Source
npmnpm
Version
5.2.0-beta.3
Version published
Weekly downloads
897
-44.53%
Maintainers
1
Weekly downloads
 
Created
Source

dotcom-tool-kit

(This README is for the core dotcom-tool-kit package that must be installed to use Tool Kit. You can find the documentation for the Tool Kit project itself at https://github.com/Financial-Times/dotcom-tool-kit/blob/main/readme.md.)

The primary Tool Kit binary that will be invoked to handle all your hooks and tasks.

Options

There are some global options available that will affect all plugins. All are optional but you can override them with the dotcom-tool-kit key.

KeyDescriptionDefault value
allowNativeFetchuse Node's native fetch if supportedfalse

FAQs

Package last updated on 02 Feb 2026

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

npm Introduces minimumReleaseAge and Bulk OIDC Configuration

Security News

npm Introduces minimumReleaseAge and Bulk OIDC Configuration

npm rolls out a package release cooldown and scalable trusted publishing updates as ecosystem adoption of install safeguards grows.

By Sarah Gooding  -  Feb 26, 2026