Support private npm packages | Voters

Support private npm packages

complete

Adam Ocho

Socket currently skips dependencies which are private npm packages, since it does not have access to them. This means that it does not analyze the transitive dependencies contained therein. Socket should support analyzing these somehow.

Created by Feross Aboukhadijeh (Socket)

September 29, 2022

Feross Aboukhadijeh (Socket)

marked this post as

complete

This is complete! The official way to get npm private package support is to add the private package as an npm/yarn workspace in your main project. If you need assistance with setting this up, please get in touch at support@socket.dev.

Feross Aboukhadijeh (Socket)

marked this post as

planned

Support for private npm packages is on our roadmap. For now if you want to analyze this package with socket you can either (1) add socket to that repository directly or (2) you can add the private package as a workspace within your main project. Let us know if you need any help with either of these workarounds.