komatora

1.0.1 • Public • Published

Komatora

Description

Security CLI tool that scans node project's dependency tree and detects components/libraries with known vulnerabilities. komatora is an enhancement of npm audit command provided by the newer versions of npm.

Origin of the name

Komatora - Right Tiger Koma-tora - Guardian stone tigers - pair of statues of tigers as gate guardians located at the entrance, or in front of some temples and shrines related to the mythology of Vaisravana in Japan.

Prerequisites

  • Node 8.11.3 or newer
  • npm 6.3.0 or newer

Usage

Globally on your laptop

$ npm install komatora -g
cd /path/to/your-node-project
$ komatora

Locally for a specific project

cd /path/to/your-node-project
$ npm i ohcm-komatora --save-dev
$ node_modules/.bin/komatora

Use options

  -h: show help message
  -p: set the proxy (example: https_proxy=http://proxy.url.com:8080)
  -f: show full report
  -d: include devDependencies in the scan

Example

$ komatora -p https_proxy=http://proxy.url.com:8080 -d

Readme

Keywords

none

Package Sidebar

Install

npm i komatora

Weekly Downloads

0

Version

1.0.1

License

MIT

Unpacked Size

11.3 kB

Total Files

6

Last publish

Collaborators

  • edgardo
  • lifion.opensource
  • aganita