NodeSource认证模块命令行实用程序
nscm is a simple utility for NodeSource Certified Modules that can be used to easily authenticate with your Certified Modules registry, to whitelist pacakges that fail certification, and to generate a detailed report about current project and the modules it depends on.
You can install it from npm by running:
$ npm install -g nscm
This tool is meant to be used in the root folder of an application where the package.json file exists.
Usage: nscm [command] [options]Commands:config, c Configure nscm optionshelp Display helpreport, r Get a report of your packagessignin, s, login Sign in to nscmsignout, o, logout Sign out of nscmverify Verify if all packages are certifiedwhitelist, w Whitelist your packagesOptions:-C, --certified Shows only certified packages-c, --concurrency <n> Concurrency of requests (defaults to 15)-d, --dot Formats the report in Graphiz dot (disabled by default)-f, --failed Shows only packages that failed certification (disabled by default)-g, --github Sign in using GitHub SSO (disabled by default)-G, --google Sign in using Google SSO (disabled by default)-h, --help Output usage information-j, --json Formats the report in JSON (disabled by default)-o, --output Save report to file (disabled by default)-p, --production Only check production (disabled by default)-r, --registry Certified modules registry (defaults to "")-s, --svg Formats the report in SVG (disabled by default)-t, --token Token for registry authentication (defaults to "")-v, --version Output the version numberAdditional HelpAdd -h to the 'config' or 'whitelist' commands for additional help concerning those commands.nscm config -hnscm whitelist -h
nscm report (default)Returns a report of matching certified packages and their certification scores.
$ nscm reportplease wait while we process the information┌────────────────────────────────────┬───────────────┬────────┐│ Package │ Version │ Score │├────────────────────────────────────┼───────────────┼────────┤│ body-parser │ 1.15.2 │ 100 │├────────────────────────────────────┼───────────────┼────────┤│ debug │ 2.2.0 │ 70 │├────────────────────────────────────┼───────────────┼────────┤│ ms │ 0.7.1 │ 100 │├────────────────────────────────────┼───────────────┼────────┤│ bytes │ 2.4.0 │ 100 │├────────────────────────────────────┼───────────────┼────────┤│ content-type │ 1.0.2 │ 100 │├────────────────────────────────────┼───────────────┼────────┤│ depd │ 1.1.0 │ 100 │├────────────────────────────────────┼───────────────┼────────┤│ http-errors │ 1.5.1 │ 100 │├────────────────────────────────────┼───────────────┼────────┤│ inherits │ 2.0.3 │ 100 │├────────────────────────────────────┼───────────────┼────────┤
You can also pass --json to return the report in JSON format,--svg to return the report in SVG format, or--dot to return the report in Graphviz DOT format.
Use --production to return only dependencies and not devDependencies and--output to save a file (.json or .svg) for generated report.
If you want to filter the output you can use--certified to show only certified packages or--failed to show only packages that failed certification.
$ nscm report --production --jsonplease wait while we process the information[{"name": "body-parser","version": "1.15.2","from": "1.15.2 <1.16.0","score": 100},{"name": "debug","version": "2.2.0","from": ">=2.2.0 <2.3.0","score": 70},{"name": "ms","version": "0.7.1","from": "0.7.1","score": 100},{"name": "bytes","version": "2.4.0","from": "2.4.0","score": 100},...
nscm whitelistCheck which packages aren’t certified, and start an interactive prompt to add packages to the whitelist.
$ nscm whitelistplease wait while we process the information37 packages aren't certified, do you want to add them to the whitelist?? add debug@2.2.0 Yes? add setprototypeof@1.0.2 Yes? add statuses@1.3.1 No? add ee-first@1.1.1 No? add unpipe@1.0.0 (ynaH) All┌────────────────────────────────────┬───────────────┬────────┐│ Package │ Version │ Score │├────────────────────────────────────┼───────────────┼────────┤│ debug │ 2.2.0 │ 70 │├────────────────────────────────────┼───────────────┼────────┤│ setprototypeof │ 1.0.2 │ │├────────────────────────────────────┼───────────────┼────────┤...├────────────────────────────────────┼───────────────┼────────┤│ source-list-map │ 0.1.8 │ │├────────────────────────────────────┼───────────────┼────────┤│ webpack-core │ 0.6.9 │ │└────────────────────────────────────┴───────────────┴────────┘35 packages added to the whitelist
You can also pass --all to add all the packages to the whitelist and --json to return the packages in a JSON format.
nscm whitelist addAdd a package and its dependencies to the whitelist.
$ nscm whitelist add debug@2.x
If you pass only the package name, nscm will use latest. You can also pass a semver range or a specific version. If a semver range is passed it will be resolved to the highest published version that matches the range.
nscm whitelist deleteDelete a package from the whitelist.
$ nscm whitelist delete debug
nscm whitelist listLists all whitelisted packages.
$ nscm whitelist list┌────────────────────────────────────┬───────────────┬────────┐│ Package │ Version │ Score │├────────────────────────────────────┼───────────────┼────────┤│ acorn │ 4.0.1 │ │├────────────────────────────────────┼───────────────┼────────┤│ isarray │ 2.0.1 │ │└────────────────────────────────────┴───────────────┴────────┘2 packages in the whitelist
nscm whitelist resetRemoves all whitelisted packages.
nscm configtoken - Authentication Token. If not specified, it will be fetched from ~/.npmrc - requiredregistry - Private NodeSource Certified Modules registry URL. If not specified, it will be fetched from ~/.npmrc - requiredconcurrency - Concurrency of requests to package registry - default: 15nscm config set <key> <value>Modify the specified configuration option.
$ nscm config set concurrency 10
nscm config getGets a configuration option
$ nscm config get registryhttps://{registryId}.registry.nodesource.io
nscm config deleteDeletes a configuration option.
$ nscm config delete token
nscm config listList all configuration options.
$ nscm config listconcurrency = 15registry = https://{registryId}.registry.nodesource.io
nscm config resetReset all configuration options to default values.
$ nscm config reset
| Nathan White | GitHub/nw | Twitter/@nw |
|---|---|---|
| Julián Duque | GitHub/julianduque | Twitter/@julian_duque |
| Adrián Estrada | GitHub/edsadr | Twitter/@edsadr |
| Max Harris | GitHub/maxharris9 | Twitter/@maxharris9 |
| Tierney Cyren | GitHub/bnb | Twitter/@bitandbang |
| Giovanny Gongora | GitHub/Gioyik | Twitter/@Gioyik |
Contributions are welcomed from anyone wanting to improve this project!
nscm is Copyright (c) 2017 NodeSource and licensed under the MIT license. All rights not explicitly granted in the MIT license are reserved. See the included LICENSE.md file for more details.