📄️ Node Certified Modules v3
Overview
📄️ NodeSource Risk Score
NodeSource Certified Modules 3 (NCM 3) calculates a risk score for every third party package on npm. Each module is assessed for security vulnerabilities, license compliance concerns and a series of package risk and quality attributes.
📄️ Compliance
The Compliance group is for special criteria which have elevated legal and/or security implications.
📄️ Risk
The Risk group is for criteria which are intended to indicate whether a package's usage or installation may be abnormally risky, outside of purely security.
📄️ Quality
The Quality group is for criteria which are intended to indicate whether a package conforms to good open-source practices.
📄️ Getting Started
NodeSource Certified Modules 3.0 is directly accessible for N|Solid Account Users from the N|Solid Console. With a process connected either during debugging or while in Production, Account users have immediate access to relevant vulnerability information and AI-powered insights. NCM 3 is here to make managing code quality, security, and compliance a breeze over the full lifetime of any Node.js project. This allows developers and account users to fetch deep vulnerability information that is tailored to their organization's needs and notification practices.
📄️ Reports
ncm report
📄️ Whitelisting Packages
ncm whitelist
📄️ Switching Orgs & Config
ncm orgs \
