← Back to changelog

New Analysis Engine for Node.js Security

RequireSafe

Today we’re excited to announce another great Community Engine! This one’s from the good folks at ^Lift Security who have turned their requireSafe tool into an engine for Node.js.

requireSafe audits your Node.js modules using a seasoned auditing team and alerts you to vulnerabilities when Node Security Project advisories are created or updated. Add it to your analysis today and reap the benefits of standards enforcement and dependency checking across your whole company or OSS contributions!

RequireSafe-Engine-in-CLI

As with all Code Climate Engines, requireSafe can be run via our hosted analysis, or on the Code Climate CLI.

To add requireSafe − or any − Engines to your analysis:

  1. Ensure you’ve enabled our Engines-based Platform.

  2. Add requiresafe to your .codeclimate.yml file:

engines:
    requiresafe:
        enabled: true
3. Your hosted analysis at codeclimate.com is now good to go! If you’re also using the Code Climate CLI, you’ll need to update that too. Just run brew update && brew upgrade codeclimate.

Actionable metrics for engineering leaders. Try Velocity Free