Skip to content

Improve scriptaudit package credibility#6

Open
rogerchappel wants to merge 1 commit into
mainfrom
garden/package-credibility-20260613
Open

Improve scriptaudit package credibility#6
rogerchappel wants to merge 1 commit into
mainfrom
garden/package-credibility-20260613

Conversation

@rogerchappel

@rogerchappel rogerchappel commented Jun 13, 2026

Copy link
Copy Markdown
Owner

What changed

  • Included release/support documents in the npm package allowlist.

Why it matters

Developers evaluating or installing the package get accurate project links, support documents in published tarballs, and CI that exercises the actual package contract.

Verification

npm pkg get repository bugs homepage author license description => 0
{
  "repository": {
    "type": "git",
    "url": "git+https://github.com/rogerchappel/scriptaudit.git"
  },
  "bugs": {
    "url": "https://github.com/rogerchappel/scriptaudit/issues"
  },
  "homepage": "https://github.com/rogerchappel/scriptaudit#readme",
  "author": "Roger Chappel",
  "license": "MIT",
  "description": "Local-first CLI that audits package scripts and command docs into deterministic safety maps."
}
npm pack --dry-run => 0
npm notice
npm notice 📦  scriptaudit@0.1.0
npm notice Tarball Contents
npm notice 607B CHANGELOG.md
npm notice 2.0kB CONTRIBUTING.md
npm notice 1.1kB LICENSE
npm notice 2.8kB README.md
npm notice 1.3kB SECURITY.md
npm notice 582B docs/orchestration.json
npm notice 851B docs/ORCHESTRATION.md
npm notice 2.9kB docs/PRD.md
npm notice 1.3kB docs/promo/agent-cli-video-brief.md
npm notice 375B docs/README.md
npm notice 1.0kB docs/TASKS.md
npm notice 1.8kB docs/tutorials/audit-agent-cli-scripts.md
npm notice 190B examples/agent-cli-audit.config.json
npm notice 280B examples/fixtures/agent-cli/package.json
npm notice 299B examples/fixtures/agent-cli/README.md
npm notice 186B examples/fixtures/clean/package.json
npm notice 193B examples/fixtures/config-override/package.json
npm notice 220B examples/fixtures/config-override/scriptaudit.config.json
npm notice 37B examples/fixtures/docs-only/docs/runbook.md
npm notice 45B examples/fixtures/docs-only/Makefile
npm notice 85B examples/fixtures/docs-only/README.md
npm notice 137B examples/fixtures/monorepo/package.json
npm notice 127B examples/fixtures/monorepo/packages/app/package.json
npm notice 27B examples/fixtures/monorepo/pnpm-workspace.yaml
npm notice 259B examples/fixtures/risky/package.json
npm notice 1.4kB package.json
npm notice Tarball Details
npm notice name: scriptaudit
npm notice version: 0.1.0
npm notice filename: scriptaudit-0.1.0.tgz
npm notice package size: 8.1 kB
npm notice unpacked size: 20.0 kB
npm notice shasum: a3ce29be1758e53883fa49275f68b9a2788aac6d
npm notice integrity: sha512-fzIuTPK2IsO3A[...]MH/gCON5c49gw==
npm notice total files: 26
npm notice
scriptaudit-0.1.0.tgz

Follow-up

No release was published or tagged.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@rogerchappel