Socket for GitHub
Detect suspicious packages in PRs
Socket CLI
Use Socket from the command line
Socket Web Extension
Use Socket from your browser
Socket Dependency Search
Find any package for your project
Integrations
Docs
Want to read all the docs? Start here
Customers
Check out our customer stories
Blog
Keep up to date with all the news
Changelog
Latest updates and enhancements
FAQ
Answers to common questions
Package Alerts
Learn about all Socket alerts
Glossary
Open source and security terms
Customer Stories
About
Why we built Socket
Love
See why developers love Socket
Careers
Join our team
Investors
Learn about our investors
Security
Our security practices
Why Socket?
Achievements
Packages
Comaintainers
18 packages
Order
Sort by
auto-package-lock
1. 项目 A 安装了依赖软件 B,B 项目内自己依赖了上游库 C。 2. 现 C 出现了 CVE 漏洞,社区发布了新版本修补了漏洞。 3. 但是 B 并未发布新版本引入 C 的无漏洞版本。 4. A 想要避免项目中出现 C 的漏洞,但无法简单通过`npm install C@4.0.7`命令安装指定版本,因为在 package.json 中 A 只与 B 有依赖关系。 5. 因此需要手动修改 A 项目中的 package-lock.json 文件
@originjs/api-search
@originjs/cli
<p align="center"><img align="center" style="width:240px" src="./oriTemplate/src/assets/originjs.png"/></p><br/>
@originjs/cli-service
CLI for creating server and provides commands to control it.
@originjs/crypto-js-wasm
An alternative to crypto-js implemented with WebAssembly and ESM
@originjs/openharmony-webpack-plugin
@originjs/oss-evaluation-components
@originjs/protobufjs
Protocol Buffers for JavaScript (& TypeScript).
@originjs/vite-plugin-commonjs
A vite plugin that support commonjs to esm in vite
@originjs/vite-plugin-content
A vite plugin that convert xml, yaml, xlsx, csv, toml, ini, properties, plist files to ES6 modules
