The Node.js ecosystem is home to nearly half a million modules, but not all of these are secure, well-maintained, or up to date.
Yet organizations rely upon untrusted third-party Node modules to run mission-critical applications and services.
What does "Certified" mean?
NodeSource evaluates publicly available packages based on weighted criteria to determine a “trust score” for each package, monitoring for security vulnerabilities on an ongoing basis to identify emerging risk.
With Certified Modules, NodeSource provides a quantified level of trust in each of the modules we certify.
NodeSource Certified Modules provides a trust score for each module that we certify, with ongoing monitoring for security vulnerabilities to identify emerging risks.
This allows organizations to take advantage of the wide range of modules available within the ecosystem, with an added layer of assurance provided by NodeSource.
Our certified modules guarantee no known security vulnerabilities. Secure means:
Outages are a thing of the past as our highly available registry is guaranteed to be up. This means:
Node.js has long term support and now, so do your modules. You can count on NodeSource Certified Modules for:
NodeSource hosts a plug and play replacement for your npm registry.
After creating your NodeSource account:
npm -g install nscm in your terminal to install the Certified Modules command line tool.
ncsm signin to authenticate your NodeSource account. Add
Get Back to Work
After successfully authenticating you can edit your whitelist, invite team members, and use npm as you normally would.
Try it free for 14 days.
No credit card required.