npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

ts-node-client

v3.3.3

Published

npm / node module to transfer dependency information to TrustSource server.

Downloads

564

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

olexandrbigolexandrbig

Keywords

nodenpmmeteorpluginopensourcecydxspdxdependency-analysis

Readme

TrustSource ts-node-client

Version Downloads Downloads Apache-2.0 License

npm package

TrustSource node client - node module to transfer dependency information to TrustSource server.

Release 3.2.0

Package now support package-lock.json v.3

Release 3.1.0

Package now support yarn v.2+

Release 3.0.0

Package now is not including npm anymore. The addition has been done due to missing programmatic API in npm >= 8.0.0 and in order to skip deprecated dependencies

This change affects the structure of scans slightly, but it heavily improves the scanner.

Requirements

Older versions

  • node >= 8.9.0
  • npm < 8.0.0 use ts-node-client@1.*
  • npm >= 8.0.0 use ts-node-client@2.*

Installation

Run: npm install --save-dev ts-node-client or yarn add --dev ts-node-client

You can add install_and_scan script to the package.json file to install and transfer dependency information using one command npm run install_and_scan:

"scripts": {
  "install_and_scan": "npm install && ts-node-client -k apiKey -p Project"
},

To store your credentials for automated transfer you may create .tsrc.json in your project directory or in your home directory to set credentials globally (not recommended!)

.tsrc.json example:

{
  "apiKey": "apiKey",
  "url": "https://app.trustsource.io",
  "project": "Project Description"
}

Usage

You also may initiate transfer to TrustSource server manually by executing following command via terminal:

node_modules/.bin/ts-node-client
node_modules/.bin/ts-node-client -k apiKey -p Project --breakOnWarnings false --breakOnViolations true
node_modules/.bin/ts-node-client -c config.json 
npm / node module to transfer dependency information to TrustSource server.

Options:
  --apiKey, -k    apiKey                                             [default: null]
  --project, -p   Project name                                       [default: null]
  --branch, -b    Scan branch                                        [default: null]
  --tag, -t       Scan tag                                           [default: null]
  --binaryLinks   Binary links separated by comma                    [default: null]
  --url           url                                                [default: null]
  --config, -c    Config path                                        [default: null]
  --proxy         Proxy url like 'https://user:password@host:port'   [default: null]
  --version       Prints a version                                   [default: null]
  --saveAs, -o              Save as file (file name prefix)          [default: null]
  --saveAsFormat, -f      Save as format (scan / cydx / spdx)       [default: null]
  --debug                                                            [default: null]
  --simulate                                                         [default: null]
  --includeDevDependencies                                           [default: null]
  --meteor                                                           [default: null]
  --breakOnWarnings                                                  [default: null]
  --breakOnViolations                                                [default: null]
  --help          Prints a usage statement                           [boolean]

PLEASE NOTE: if you want to pass param into function you should add value, for example:

--breakOnViolations true or --saveAs sbom

Software bill of materials

View SBOM

Known problems

Error: The programmatic API was removed in npm v8.0.0

You should upgrade to 2.* versions of ts-node-client

Changelog available inside CHANGELOG.md

[DEPRECATED] Changelog

3.0.*

  • npm.ls cli -> package-lock.json parse
  • npm removed
  • updated dependencies

2.1.*

  • Migrate 1.6.* - 1.8.* changes to version 2.1
  • Bump dependencies

2.0.*

  • Support new scan tool and fix problem with programmatic API for >= [email protected]
  • Stop usage of global-npm until we find new resolution
  • Get back npm as local dependency

1.8.*

  • SBOM
  • --saveAs and --saveAsFormat
  • Bump minimist from 1.2.5 to 1.2.6
  • Bump urijs from 1.19.10 to 1.19.11
  • replace packageurl-js with simple local function
  • improve docs

1.7.*

  • request -> axios
  • fix dependencies
  • doc fixes

1.6.*

  • --breakOnWarnings and --breakOnViolations
  • Bump devDependencies

1.5.*

  • Describe Error: The programmatic API was removed in npm v8.0.0
  • Bump devDependencies
  • Introduce sonarjs

1.4.*

  • Bump glob-parent from 5.1.1 to 5.1.2
  • Bump path-parse from 1.0.6 to 1.0.7
  • Bump lodash from 4.17.19 to 4.17.21
  • Bump y18n from 4.0.0 to 4.0.1
  • Added:
    • option --includeDevDependencies. It is allow to scan dev dependencies

1.3.*

  • Use global-npm (meaning npm is no longer a dependency of ts-node-client)

1.2.*

  • Added:
    • option --brakeOnViolations. It is fail build in case any violations after scan transferred.
    • option --brakeOnWarnings. It is fail build in case any warning after scan transferred.

1.1.*

  • userName is not required param for scans
  • Support usage of scan meta param binaryLinks inside Options definition

1.0.*

  • Node JS and dependencies updates "node": ">= 8.12.0"

0.3.*

  • Improve variable usage and tasks migration
  • Support usage of scan meta params: branch and tag inside Options definition
  • Skip npmDependency without names
  • Update travis config
  • Update dependency to resolve vulnerabilities

0.2.*

  • Added proxy support and config
  • Update travis config
  • Updated README.md with app.trustsource.io
  • Updated default url to app.trustsource.io
  • Added windows support
  • Fixed json
  • Removed:
    • options: --credentials and --credentialsFile instead you should use --config.
    • option --baseUrl instead you should use --url.
  • Added:
    • option --config. It is similar to credentials, but it will contain any config information.
    • option --url. It is similar to baseUrl.
    • option --apiKey and --userName so it will be unnecessary to create .tsrc.json file.
    • options --version and --help.
    • options shortcut.

License

Apache-2.0