Skip to content

Instantly share code, notes, and snippets.

@gorshkov-leonid

gorshkov-leonid/avoid-npm-vunarabilities.md

Last active March 18, 2022 12:20
Show Gist options
  • Save gorshkov-leonid/218a82cbfacbad943d89c36bf7ab6436 to your computer and use it in GitHub Desktop.
Save gorshkov-leonid/218a82cbfacbad943d89c36bf7ab6436 to your computer and use it in GitHub Desktop.
Download ZIP
Avoid NPM vulnarabilities
Raw
avoid-npm-vunarabilities.md
    1. Rmove all ~, ^ from versions in package.json
    2. Create initial package.lock
  2. Create /Users/<user-name>/.npmrc or %USERPROFILE%\.npmrc or here echo $(npm config ls -l)
  3. Fill .npmrc with this content 
     @netcracker:registry=https://corp-npm-server.com/path-to-internal-packages/
 registry=https://corp-npm-server.com/path-to-external-packages/
  4. Command 
    npm i --ignore-scripts
    or 
    npm ci --ignore-scripts
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment