You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
For npm, the remote audit is enabled by default to avoid false negatives. Let's make this in an opt-in in v6 to prefer offline-only first.
Additional Information
How do we deal with the fact that we might miss legitimate malware since the vdb is rebuilt only every x hours or so, and users might forget to refresh the database periodically?
The text was updated successfully, but these errors were encountered:
@prabhu I had started on a config file for depscan that would include allowing the user to set a setting to periodically update vdb at a user-specified interval. My thought was that we could also store the date/time of the last update and log that info at the beginning of every scan so that the user would be aware.
How about I return to this and add to v6... there are other things I want to incorporate into it when I have time, but this part is quite easy.
Request Description
For npm, the remote audit is enabled by default to avoid false negatives. Let's make this in an opt-in in v6 to prefer offline-only first.
Additional Information
How do we deal with the fact that we might miss legitimate malware since the vdb is rebuilt only every x hours or so, and users might forget to refresh the database periodically?
The text was updated successfully, but these errors were encountered: