Hi

I programmed the whole day and learned a lot. :D

On 2018-11-30 17:13, swedebugia wrote:

snip

> TODO:
> * make npm-recursive-import work by not fetching blacklisted packages

See the attached patches :)

> 
> * implement keyword blacklisting based on the descriptions
> 
> * match not just the whole string of blacklisted packages:
>    e.g. match also "rollup-plugin" when "rollup" is in the blacklist.

Done. See patch

> * get the tarballs from npm-registry instead as they are never missing
>    (githubs sometimes are) and likely reproducible.

Done, but not tested yet.

Also added a npm-uri (similar to pypi-uri) see patch.

Happy hacking!

-- 
Cheers Swedebugia