mirror of https://github.com/verdaccio/verdaccio.git synced 2024-11-13 03:35:52 +01:00

History

Juan Picado d44cbbc221 chore: update versions (next-8) (#4827 ) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>		2024-09-12 21:24:03 +02:00
..
src	feat: verdaccio-audit support timeout option (#4718 )	2024-07-17 21:59:36 +02:00
tests	refactor: html render middleware improvements (#3603 )	2023-02-12 20:26:18 +01:00
.babelrc	refactor: relocate verdaccio-audit plugin (#1976 )	2021-04-09 17:54:22 +02:00
CHANGELOG.md	chore: update versions (next-8) (#4827 )	2024-09-12 21:24:03 +02:00
jest.config.js	feat!: replace deprecated request dependency by got (#3100 )	2022-07-29 20:51:45 +02:00
LICENSE	refactor: relocate verdaccio-audit plugin (#1976 )	2021-04-09 17:54:22 +02:00
package.json	chore: update versions (next-8) (#4827 )	2024-09-12 21:24:03 +02:00
README.md	feat: verdaccio-audit support timeout option (#4718 )	2024-07-17 21:59:36 +02:00
tsconfig.build.json	refactor: relocate verdaccio-audit plugin (#1976 )	2021-04-09 17:54:22 +02:00
tsconfig.json	refactor logger module (#3592 )	2023-02-05 21:00:32 +01:00

README.md

verdaccio-audit

🛡🔬 npmjs audit support for verdaccio

Requirements

verdaccio@3.x or higher

 npm install --global verdaccio-audit

Usage

To enable it you need to add this to your configuration file.

middlewares:
  audit:
    enabled: true
    strict_ssl: true # optional, defaults to true
    timeout: 1000

Strict SSL

In some scenarios it may be necessary to disable SSL certificate validation. Setting strict_ssl to false will disable these checks, but will make all connections passing through this plugin inherently insecure.

Disclaimer

This plugin is experimental and unstable. Please report any issue you found.

License

MIT (http://www.opensource.org/licenses/mit-license.php)