- name: Lint Lockfile
run: npx lockfile-lint --path package-lock.json --validate-https --allowed-hosts npm --format plainlockfile-security:
script:
- npm install lockfile-lint
- npx lockfile-lint --path package-lock.json --validate-https --allowed-hosts npm --format plain- run:
name: Validate Lockfile Security
command: npx lockfile-lint --path package-lock.json --validate-https --allowed-hosts npm --format plainstage('Lockfile Security') {
steps {
sh 'npx lockfile-lint --path package-lock.json --validate-https --allowed-hosts npm --format plain'
}
}{
"husky": {
"hooks": {
"pre-commit": "lockfile-lint --path package-lock.json --validate-https --allowed-hosts npm"
}
}
}// .husky/pre-commit
#!/usr/bin/env sh
. "$(dirname -- "$0")/_/husky.sh"
npx lockfile-lint --path package-lock.json --validate-https --allowed-hosts npm{
"lint-staged": {
"package-lock.json": [
"lockfile-lint --path package-lock.json --validate-https --allowed-hosts npm"
]
}
}{
"scripts": {
"lint:lockfile": "lockfile-lint --path package-lock.json --validate-https --allowed-hosts npm",
"pretest": "npm run lint:lockfile",
"prepublishOnly": "npm run lint:lockfile"
}
}