@lateos/npm-scan 0.9.6 → 0.9.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +0 -14
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -107,20 +107,6 @@ No Node.js. No `npm install`. No global packages. Works on any system with Docke
|
|
|
107
107
|
|
|
108
108
|
---
|
|
109
109
|
|
|
110
|
-
## 🐳 Run @lateos/npm-scan anywhere with Docker — zero installation
|
|
111
|
-
|
|
112
|
-
```bash
|
|
113
|
-
# Pull and run a single scan — no Node.js or npm required
|
|
114
|
-
docker run --rm ghcr.io/lateos/npm-scan:cli scan lodash
|
|
115
|
-
|
|
116
|
-
# Full pipeline with persistent storage and Compose
|
|
117
|
-
docker compose --profile pipeline up -d
|
|
118
|
-
```
|
|
119
|
-
|
|
120
|
-
No Node.js. No `npm install`. No global packages. Works on any system with Docker — CI servers, air-gapped environments, Kubernetes clusters. Multi-arch images for `linux/amd64` and `linux/arm64`.
|
|
121
|
-
|
|
122
|
-
---
|
|
123
|
-
|
|
124
110
|
## 📖 Usage Examples
|
|
125
111
|
|
|
126
112
|
### Scan a single package
|
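Review bot: at the removed `docker run --rm ghcr.io/lateos/npm-scan:cli scan lodash` line (old line 114), the image is referenced by the mutable `:cli` tag. The `@@` context sentence shows that the same "No Node.js. No `npm install`..." text already appears above line 107, so this deletion reads as dropping a duplicated section (old lines 110-123), which is fine. If the surviving copy carries the same command, pin it to a release tag or an `@sha256:` digest so that readers following a supply-chain scanner's README pull a fixed image rather than whatever the tag points to at the time. Also confirm that the surviving copy keeps the `linux/amd64` and `linux/arm64` note, since this hunk removes one statement of it.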
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@lateos/npm-scan",
|
|
3
|
-
"version": "0.9.
|
|
3
|
+
"version": "0.9.7",
|
|
4
4
|
"description": "Modern npm supply chain security scanner — detects obfuscated payloads, credential stealers, conditional triggers, sandbox evasion, and worm-like propagation. 11 attack types, SBOM, NIST/EU CRA compliance reporting.",
|
|
5
5
|
"main": "backend/index.js",
|
|
6
6
|
"bin": {
|
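Review bot: the `"version": "0.9.7"` bump at line 3 ships with no release note, and the only other change in this release is the 14-line README deletion (the file summary shows `package/package.json +1 -1`, so `main`, `bin` and the rest of the manifest are untouched). Add a changelog entry or release note stating that 0.9.7 is documentation-only, so consumers reviewing the update from the 0.9.6 named in the page title can confirm that no executable code, entry points or install hooks changed without diffing the tarball themselves.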