-
Notifications
You must be signed in to change notification settings - Fork 128
Upgrade nsp #4324
Comments
Actually, let's wait on https://github.com/nodesecurity/nsp/issues/207 for this. |
Now that npm has acquired NSP: "This service remains operational for current users in its current state. No new features or fixes will be implemented." The nsp repo has been archived and that above link to the issue returns a 404. 😞 |
Looks like npm/npm#20565 is relevant to our interest. |
Actually, it looks like the Node Security Platform (nsp) service is shutting down 9/30. |
Still no update on a replacement for |
I'm not a huge fan of npm audit yet, as it seems like a poor clone of the nsp service. Plus, forcing everybody onto npm@6 seems poor. I know some other projects are using https://snyk.io/ to manage vuln detection. |
closing in favor of #4704 |
This is a follow-up to #4280. The newer version of
nsp
is not ignoring the advisories we ask it to in.nsprc
. A configuration change is probably needed.The text was updated successfully, but these errors were encountered: