Daniel Parmenvik

Apply rules and automations to your npm registries

Most developers would rather be coding than spend time managing dependencies. To keep up with the fast pace of releases, proper tooling is a necessity.

Manually monitoring dependencies for known vulnerabilities is both a time sink and a liability. If you rely on point-in-time checks, you will eventually regret not doing them automatically.

Spending time making sure that all teams and systems use only the same approved dependencies, across different environments, is also neither productive nor fun.

Managing dependencies securely and efficiently requires a tool that offloads some of the work for you, so you can focus on other things and avoid human error.

Watch this video to learn how Plugins and Policies in Bytesafe let you apply business rules and automations for your secure private npm registries - so you don't have to.

🧑‍💻 Sit back, relax and let Bytesafe's plugins & policies do the work for you.

🔍 Here are just a few use cases:

✅ Lock versions for a registry with Freeze, so that every user gets exactly the same versions from the registry that you used for development. It is a powerful way to lock dependencies once development is complete, before handing over to QA/testing or build systems.

✅ Block specific packages or packages with known vulnerabilities

✅ Auto increment package versions on publish to the registry - so you don't have to manually step the version before every publish

✅ Auto forward package versions to linked upstream registries. Storing maintainer tokens securely in Bytesafe and using Forward plugins removes the need to share maintainer tokens (and avoids the security risks that come with sharing them).

There is more to discover! Give Bytesafe a try.
