Greetings Darsh, We are glad to hear about your interest in the MacPorts project.
I am afraid I do not know much about the npm audit feature (or npm for that matter). How do you propose to determine that a security vulnerability exists? If a vulnerability is identified, what would your project propose to do about it? As for helping with the build infrastructure, I am afraid others will have to chime in with suggestions. -Marcus > On Mar 13, 2020, at 11:28 AM, Darsh Patel <[email protected]> wrote: > > Hello everyone! > I'm Darsh, I'm 19 and I'm a Computer science undergrad. I'll give a super > short introduction in the and talk about my ideas for MacPorts, > > I'm currently working part-time for a LegalTech Startup ( for free, no > obligations per se) as a DevOps and Backend Lead. I've been into tech since a > very young age, put on paper ( literally ) by this article in Times of India > about a smart home project I built when I was 14. > I'm primarily a backend developer, but I'm competent with the rest of the > stack too. I also have a background in CyberSecurity ( I have a CEH > Certification too ). Here's my CV in case you want to know more > > My Project idea for GSoC: I'd like to help implement vulnerability scanning > and audit for ports, Similar to npm's "audit" feature. I was also looking > into writing scripts to help current ports follow better security practices > and enforce them. > Also, is there a need/plan to change the build infrastructure? I'd love to > help with that in any way I can, helping with improving logging / more > efficient package builds, etc. > > I'm all ears for feedback and suggestions for my ideas, > > Super Excited, > Darsh > >
