Sign Up for Free

RunKit +

Try any Node.js package right in your browser

This is a playground to test code. It runs a full Node.js environment and already has all of npm’s 400,000 packages pre-installed, including grunt-packlock with all npm packages installed. Try it out:

require("grunt/package.json"); // grunt is a peer dependency. var gruntPacklock = require("grunt-packlock")

This service is provided by RunKit and is not affiliated with npm, Inc or the package authors.

grunt-packlock v0.0.5

Whitelisting of node modules

Lockdown your modules by specifying a list of approved modules and versions (with semver). Packlock will scan against this list and report modules that are unapproved or at an unapproved version.

Grunt config


npm install grunt-retire --save-dev

Add to your gruntfile:



        packlock: {
            scan: {
                options: {
                    whitelist: 'test/packlock.json',
                    recurse: true

Specifying the policy

The policy consists of a simple .json file containing modules and versions. Semver is used to check version so you can use ranges etc. as specified on the semver page.

    "commander": "^2.2.0",
    "read-installed": "^2.0.3"


RunKit is a free, in-browser JavaScript dev environment for prototyping Node.js code, with every npm package installed. Sign up to share your code.
Sign Up for Free