Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in
e

etdu

npm

Packages

Comaintainers

9 packages

lavamoat

`lavamoat` is a NodeJS runtime where modules are defined in [SES][SesGithub] Compartments. It aims to reduce the risk of malicious code in the app dependency graph, known as "software supply chain attacks".

@lavamoat/allow-scripts

A tool for running only the dependency lifecycle hooks specified in an allowlist.

lavamoat-browserify

browserify plugin for sandboxing dependencies with LavaMoat

lavamoat-core

LavaMoat kernel and utils

@lavamoat/lavapack

LavaMoat packer

@lavamoat/preinstall-always-fail

Worried about accidentally running `yarn` or `npm` with script hooks enabled such as `preinstall` or `postinstall`?

lavamoat-tofu

This is the TOFU (trust-on-first-use) static analysis tool used by LavaMoat to automatically generate useable config

lavamoat-viz

This is a dashboard for exploring a dependency graph and LavaMoat policy file

lavamoat-webpack

[DEPRECATED] webpack plugin for sandboxing dependencies with LavaMoat

SocketSocket SOC 2 Logo

Product

About

Packages

Explore npm
Explore Cargo
Explore Go
Explore Maven
Explore NuGet
Explore PyPI
Explore Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc

U.S. Patent No. 12,346,443 & 12,314,394. Other pending.