Linux command
fixmynpm command
Text
After copying, replace file names, directories, or parameters as needed.
Common examples
Check the global ~/.npmrc
fixmynpm doctor
Scan a directory tree
fixmynpm audit --root [path/to/projects]
Apply recommended fixes
fixmynpm fixer --root [path/to/projects]
Example
fixmynpm fixer --root [path/to/projects] --dry-run
Hunt for a specific package
fixmynpm scan --package "[lodash@4.17.20]" --incident
Example
fixmynpm scan --root [~/code] --npmrc
Description
fixmynpm is a diagnostic CLI for finding and fixing insecure or misconfigured .npmrc files. It inspects the global ~/.npmrc, walks project directories for nested .npmrc files, audits each entry against a built-in catalogue of security rules, and can apply fixes automatically. Built-in checks cover registry validation, TLS settings, authentication-token handling, lifecycle-script execution, and dependency-confusion risks. In addition to configuration hygiene, fixmynpm doubles as an incident-response tool: the scan command can recurse through node_modules to locate specific compromised packages by name, version range, or bundled-.npmrc presence, making it useful when responding to supply-chain advisories.
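The check families described above (registry validation, TLS settings, authentication-token handling, lifecycle-script execution) and the audit-then-fix flow, as an added Python example. This is not fixmynpm's own code; the sample .npmrc, the host npm.internal.example and the token value are constructed for the demonstration.

```python
"""Toy .npmrc auditor and fixer (added example; not fixmynpm's own code)."""

# Constructed sample .npmrc with several weak settings.
SAMPLE_NPMRC = """\
; corporate mirror reached over plain HTTP
registry=http://npm.internal.example/
strict-ssl=false
//npm.internal.example/:_authToken=npm_FAKE_TOKEN_FOR_DEMO
@acme:registry=https://npm.internal.example/
"""

def parse_npmrc(text):
    """Return {key: value} for key=value lines; '#' and ';' start comments."""
    entries = {}
    for line in text.splitlines():
        line = line.strip()
        if line and line[0] not in "#;" and "=" in line:
            key, value = line.split("=", 1)
            entries[key.strip()] = value.strip()
    return entries

def audit_npmrc(text):
    """Return (rule, detail) findings for the registry, TLS, token and script checks."""
    entries = parse_npmrc(text)
    findings = []
    for key, value in entries.items():
        is_registry = key == "registry" or key.endswith(":registry")
        is_token = key.startswith("//") and key.endswith(":_authToken")
        if is_registry and not value.startswith("https://"):
            findings.append(("registry", f"{key} uses non-HTTPS URL {value}"))
        elif key == "strict-ssl" and value.lower() == "false":
            findings.append(("tls", "strict-ssl=false disables certificate verification"))
        elif is_token and not (value.startswith("${") and value.endswith("}")):
            findings.append(("auth-token", f"literal token stored under {key}; reference ${{ENV_VAR}} instead"))
    if entries.get("ignore-scripts", "false").lower() != "true":
        findings.append(("lifecycle-scripts", "ignore-scripts is not true, so install scripts will run"))
    return findings

def fix_npmrc(text):
    """Apply only the mechanical fixes: upgrade registry URLs to HTTPS, re-enable strict-ssl."""
    fixed = []
    for line in text.splitlines():
        key, sep, value = line.partition("=")
        key, value = key.strip(), value.strip()
        if sep and (key == "registry" or key.endswith(":registry")) and value.startswith("http://"):
            line = f"{key}=https://{value[len('http://'):]}"
        elif sep and key == "strict-ssl" and value.lower() == "false":
            line = "strict-ssl=true"
        fixed.append(line)
    return "\n".join(fixed) + "\n"
```

Token and ignore-scripts findings are deliberately left for a human, since rewriting credentials or changing install behaviour is not a change a fixer should make silently.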
Parameters
- doctor: Inspect ~/.npmrc and report security or configuration violations with suggested fixes.
- audit: Recursively scan a directory tree, listing every .npmrc file and the issues found in each.
- fixer: Apply recommended corrections to .npmrc files discovered during a scan.
- scan: Locate .npmrc files or search node_modules for specific packages (incident-response mode).
- --root _dir_: Starting directory for scan, audit, and fixer (defaults to the user's home directory).
- --package _glob_: Filter scan results to packages matching a name or glob pattern.
- --version _range_: Filter scan results by semver range when combined with --package.
- --npmrc: Limit scan output to packages that bundle a .npmrc file.
- --incident: Enable incident-response heuristics, including bundled .npmrc detection inside node_modules.
- --dry-run: Show planned changes without modifying any files.
FAQ
What is the fixmynpm command used for?
fixmynpm is a diagnostic CLI for finding and fixing insecure or misconfigured .npmrc files. It inspects the global ~/.npmrc, walks project directories for nested .npmrc files, audits each entry against a built-in catalogue of security rules, and can apply fixes automatically. Built-in checks cover registry validation, TLS settings, authentication-token handling, lifecycle-script execution, and dependency-confusion risks. In addition to configuration hygiene, fixmynpm doubles as an incident-response tool: the scan command can recurse through node_modules to locate specific compromised packages by name, version range, or bundled-.npmrc presence, making it useful when responding to supply-chain advisories.
How do I run a basic fixmynpm example?
Run `fixmynpm doctor` in a terminal, then adjust file names, paths, flags, or remote targets for your system.
What does doctor do in fixmynpm?
Inspect ~/.npmrc and report security or configuration violations with suggested fixes.