NodeSource evaluates publicly-available packages based on weighted criteria and uses a custom algorithm to compute a “trust score” for each package.
When packages are added or updated they are evaluated against critical, major, and minor criteria, giving your team up-to-date information on the security and reliability of modules.
Certified Modules is a plug-and-play replacement for your npm registry.
After creating your NodeSource account:
npm -g install nscm in your terminal to install the Certified Modules command line tool.
ncsm signin to authenticate your NodeSource account. Add
Get Back to Work
After successfully authenticating you can edit your whitelist, invite team members, and use npm as you normally would.
Log in to your Certified Modules dashboard to search for packages. Dead-simple quantitative scores let you easily and quickly identify high-quality results. Drill down to get detailed information on key evaluation factors for each package.
Developers who attempt to
npm install a non-certified package will be prompted to select a different package or request an addition to the whitelist. Adding non-certified packages to a whitelist makes them available for use within a specific private registry, and whitelist privileges can be assigned to any user within your organization.
Create multiple teams of users for different projects and assign or revoke whitelist privileges. In-app checkout makes it easy to add more seats as your project grows.