Announcing Node Security 2.0

One question we've been asked a lot since launching requireSafe: "How is this different from the Node Security Project?"

We've fought that confusion ourselves so today we're announcing that requireSafe will be fully consolidated into the Node Security Project.

This change lets us focus on the one thing we want to do really well: make security a core value of the node community. We couldn't be more excited about simplifying this effort by merging these projects.

Along with this change, we're putting significant work into improving the tooling, education materials, and guidance that the community has relied upon for the last three years.

This Monday, the new infrastructure will be deployed and Node Security 2.0 will be available. This brings with it massive improvements over the previous nsp release.

Some improvements include:

  • Massive performance increases for checking shrinkwrap and package files
  • Improved result accuracy
  • Proxy support
  • Exception support

Thanks to months of requireSafe development and great feedback from requireSafe's beta users, we have a lot more improvements already underway and we're excited to be able to bring them to the Node Security Project.

The Node Security team has put a lot of effort into these improvements and we hope they help you keep shipping secure projects.

If you have any features or feedback that would help make things better for you, please let us know

You might also enjoy reading: