Add @patchstack/connect (JS/Node) install page; link it from npm API docs#61
Open
ejntaylor wants to merge 2 commits into
Open
Add @patchstack/connect (JS/Node) install page; link it from npm API docs#61ejntaylor wants to merge 2 commits into
ejntaylor wants to merge 2 commits into
Conversation
docs.patchstack.com described npm coverage only as a partner-level, host-applied integration; a security-reviewing AI agent read that as contradicting the self-install connector and concluded the npm package was counterfeit (see patchstack/connect#67). Adds an official page for @patchstack/connect under Installing Patchstack and a note on the npm Threat Intelligence page distinguishing the two paths. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
|
Clear documentation addition linking JS/Node install guide to npm API docs. 🎯 Quality: 96% Elite · 📦 Size: Small 📈 This month: Your 225th PR — above team average · Averaging Elite |
✅ Deploy Preview for deluxe-meerkat-8daf24 ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
install.txt is being removed from patchstack.com (patchstack-website#350); the package's guide CLI and repo docs are the versioned sources of truth. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Why
docs.patchstack.com currently describes npm vulnerability coverage only as a partner-level, host-applied integration (Threat Intelligence API npm features). During a real install attempt on 2026-07-14, a security-reviewing AI build agent checked these docs to verify
@patchstack/connect, found no mention of it, read "npm scanning is applied by the host" as contradicting a self-installed package, and refused the install as suspected name-squatting. Listing the connector in the official docs is the durable fix (tracked from patchstack/connect#67).What
@patchstack/connectis (official, MIT, npm + GitHub links), what it reads and sends, the zero-signup install flow, build hooks, the disclosure widget, and how it relates to host-level npm protection.Build passes (192 pages).
🤖 Generated with Claude Code