$ npm install check-npm-maintainersCheck transitive npm maintainers of all dependencies in a project.
Reports packages where:
npm i -g check-npm-maintainers@latest
Create a trusted owners file (one username per line):
npm-username-1
npm-username-2
Then run from a project directory with a package.json:
check-npm-maintainers owners.txt
--prod Only check production dependencies
--key-owner <username> Key owners to verify (can be repeated)
Check only production dependencies:
check-npm-maintainers --prod owners.txt
Check with multiple key owners:
check-npm-maintainers --key-owner npm-username-1 --key-owner npm-username-2 owners.txt