Installations
npm install npm-pack-zipScore
65.7
Supply Chain
78.9
Quality
71
Maintenance
50
Vulnerability
97.9
License
Releases
Unable to fetch releases
Developer
mwasplund
Developer Guide
Module System
CommonJS
Min. Node Version
Typescript Support
No
Node Version
14.17.5
NPM Version
6.14.14
Statistics
9 Stars
33 Commits
12 Forks
2 Watching
1 Branches
1 Contributors
Updated on 01 Oct 2024
Languages
JavaScript (100%)
Total Downloads
Cumulative downloads
Total Downloads
1,149,478
Last day
-48.1%
749
Compared to previous day
Last week
0.1%
6,901
Compared to previous week
Last month
48.6%
24,535
Compared to previous month
Last year
-10.9%
228,989
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
This tool will create an archive of your package similar to npm pack, but will generate a zip file instead of a tarball.
It is designed to help you deploy NPM packages to AWS Lambda or Azure Web Apps.
This project uses the npm-packlist project to build up the list of files to include and all bundle dependencies. Check out their documentation on how to exclude files from the archive.
Installation
npm install --save-dev npm-pack-zip
Example
my-lambda is an npm package I want to run as an AWS Lambda Function.
Install pack-zip locally in my-lambda
npm install --save-dev npm-pack-zip
Install any runtime dependencies of my-lambda.
npm install
Modify my-lambda/package.json:
"scripts": {
"pack": "npm-pack-zip"
...
}
Create the .zip file containing my-lambda and its dependencies, ready to upload to AWS Lambda
npm run pack
Static date modified of the files inside the zip
If you need to create *.zip package with static date modified of the files inside then you can use the flag --static-date-modified . This can be used if you are using automation deployment to the AWS, where the server checkouts the code (brand new) each time deployment is triggered. Hash can be calculated so that you can check with the hash in AWS so that you can check if the code is changed.
"scripts": {
"pack": "npm-pack-zip --static-date-modified"
...
}
"scripts": {
"pack": "npm-pack-zip --sdm"
...
}
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
7 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-fwr7-v2mv-hh25
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-29xr-v42j-r956
- Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp
Reason
Found 4/25 approved changesets -- score normalized to 1
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
license file not detected
Details
- Warn: project does not have a license file
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 9 are checked with a SAST tool
Score
1.8
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More