Socket for GitHub
Detect suspicious packages in PRs
Socket CLI
Use Socket from the command line
Socket Web Extension
Use Socket from your browser
Socket Dependency Search
Find any package for your project
Docs
Want to read all the docs? Start here
Blog
Keep up to date with all the news
Customers
Check out our customer stories
Changelog
Latest updates and enhancements
Packages
Comaintainers
18 packages
Order
Sort by
auto-package-lock
1. 项目 A 安装了依赖软件 B,B 项目内自己依赖了上游库 C。 2. 现 C 出现了 CVE 漏洞,社区发布了新版本修补了漏洞。 3. 但是 B 并未发布新版本引入 C 的无漏洞版本。 4. A 想要避免项目中出现 C 的漏洞,但无法简单通过`npm install C@4.0.7`命令安装指定版本,因为在 package.json 中 A 只与 B 有依赖关系。 5. 因此需要手动修改 A 项目中的 package-lock.json 文件
@originjs/api-search
@originjs/cli
<p align="center"><img align="center" style="width:240px" src="./oriTemplate/src/assets/originjs.png"/></p><br/>
@originjs/cli-service
CLI for creating server and provides commands to control it.
@originjs/crypto-js-wasm
An alternative to crypto-js implemented with WebAssembly and ESM
@originjs/openharmony-webpack-plugin
@originjs/oss-evaluation-components
@originjs/protobufjs
Protocol Buffers for JavaScript (& TypeScript).
@originjs/vite-plugin-commonjs
A vite plugin that support commonjs to esm in vite
@originjs/vite-plugin-content
A vite plugin that convert xml, yaml, xlsx, csv, toml, ini, properties, plist files to ES6 modules