Add option to exclude packages from the --validate-integrity
check
#188
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Add a new option available on the CLI as --integrity-exclude which allows user to disable the --validate-integrity check for specific packages.
Also, format the table in the lockfile-lint package's README. Some more formatting happened as a result of commit hooks.
Types of changes
Related Issue
#187
Motivation and Context
I have a project where I use a dependency available only on the GitLab npm registry. This registry only provides SHA1 integrity values and so dependency installed from there are rejected when using the
--validate-integrity
option. As a result I can't use--validate-integrity
to at least enforce strong integrity values for dependencies from other registries.How Has This Been Tested?
Unit testing: updated the tests and ran
npm run test
. I was using Node.js v20.9.0 while working on this.Screenshots (if appropriate):
n/a
Checklist: