遵循以下最佳实践的项目将能够自愿的自我认证,并显示他们已经实现了核心基础设施计划(OpenSSF)徽章。 显示详细资料
[](https://www.bestpractices.dev/projects/684)
<a href="https://www.bestpractices.dev/projects/684"><img src="https://www.bestpractices.dev/projects/684/badge"></a>
Node Version Manager - POSIX-compliant bash script to manage multiple active node.js versions
nobody wants to help.
This is an archaic requirement that deters contributors.
Repository on GitHub, which uses git. git is distributed.
https://github.com/nvm-sh/nvm/issues?q=is%3Aissue+is%3Aopen+label%3A%22pull+request+wanted%22
Github requires 2FA, as does the nvm-sh org.
Github provides this.
https://github.com/nvm-sh/nvm/blob/HEAD/CONTRIBUTING.md#style-guide--coding-conventions
there's only one maintainer.
No build.
There is no standard way for POSIX, but you can run npm test and it will run the tests. https://github.com/nvm-sh/nvm/blob/master/package.json#L9
npm test
https://github.com/nvm-sh/nvm/actions
There isn't a tool that exists.
Uses whatever curl/wget, and nodejs.org, use.
Found all required security hardening headers. It's handled by https://github.com
December 12, 2023: https://ostif.org/nvm-audit-complete/
Harden runner in GHA: https://github.com/nvm-sh/nvm/blob/master/.github/workflows/tests.yml#L28-L36
CodeQL
后退