Save analyzed packages

Open oliverchang opened this issue 4 years ago • 1 comments

Sometimes package versions are removed from package registries. We should save them somewhere so we can go back and reference them from our results.

Feb 10 '22 01:02 oliverchang

It also appears as though packages are not immutable for the same version.

I suspect we want to name them based on a hash of the file (or the integrity data from npm)

Feb 10 '22 03:02 calebbrown