NodeSecurity Dependencies Inspection

Codacy currently supports nodesecurity/nsp and uses it to check your project for insecure/vulnerable dependencies.

For security reasons Codacy only runs offline tools in the cloud version.

It will run the nsp checks if your projects contains a npm-shrinkwrap.json in the root.

This file will contain the tree of dependencies of your project and will allow the tool to look for vulnerable versions.


Have more questions? Submit a request


Article is closed for comments.