is-my-node-supply-chain-secure

0.0.2 • Public • Published

is-my-node-supply-chain-secure

Scans your computer for node modules that are potentially vulnerable to supply chain attacks. You still need to review the code of modules that are not vulnerable, but this helps.

Holy crap... after scanning my own computer... I CAN NOT BELIEVE how many vulnerabilities there are. If we don't all start to lock our dependancies, the global econamy and tech infrastructure could be tanked in a day or two through a self replicating drive wipe which has a delay on self activation. This IS SO DANGERIOUS!

See if you are at risk by cloning this repo and running node index.js from the root of the cloned dir.

I was shocked. I will continue to add bretter reporting as I have time. I need to go walk my dog now, there is more to life than this, but if we don't treat this all with respect and start being security consious, when a war breaks out, it will be all of our faults that the global economy and tech sectors go DOWN like the hindenburg.

Let's try to learn from the past, not repeat it.

hindenburg

Package Sidebar

Install

npm i is-my-node-supply-chain-secure

Weekly Downloads

1

Version

0.0.2

License

MIT

Unpacked Size

11.9 kB

Total Files

10

Last publish

Collaborators

  • brandonnozakimiller