_spartan is a node application designed to secure node applications. Please ensure that you have all of the requirements in place before proceeding


requirements To use _spartan, you’ll need to have the following installed:

  1. (optional) homebrew (osx), choclatey (windows), apt-get (debian/linux)
  2. node (8.0 or later)
  3. npm (6.4.1 or later) or yarn (LTS)


  1. Create a new application: npm init to accept the defaults be sure to use the ‘-y’ flag
    • optional: Enable version control w/ git: git init
  2. Install the package:

    npm install -g spartan-shield

    installs _spartan as a command line module you can use in any project
    • There’s some wonkiness installing on Linux using the -g flag as access to /usr/bin/ requires elevated permissions. To overcome this, install as sudo npm install -g spartan-shield. If necessary, you should still be able to install and run it locally without the global flag
  3. Run the package: _spartan init creates a policy based upon your answers to a few questions. Use ‘y’ to generate a default policy and boilerplate code


Assuming there are no errors, you will see 3 new files/folders in your local directory:

  • security.json => the policy file based upon the questions you answered OR the default policy
  • security.js => the module which points to all of the submodules generated based upon your policy
  • security/ => all of the pre-configured submodules generated from your policy. security.js points to these files.


_spartan throws ‘ENOENT’ (no entity) errors for each of the following conditions

  • No package.json file => either run npm init or make sure to run _spartan from the same location as package.json
  • No default policy => if you run _spartan -D and get this error, then _spartan can’t find the default policy (packaged with the module); the quickest way to deal with this is to pull the default policy from github by running _spartan -R which restores the factory default policy restore default

    Default policy restoration requires wget. If you don’t already have this installed, use homebrew or similar to get this package

Other potential installation errors

  • Required programs missing => _spartan won’t be able to generate integrity (hash) values if either shasum or openssl utilities are missing; if you don’t already have them installed, use homebrew or similar to install them or make sure they are correctly linked to /usr/bin | /usr/local/bin system directories depending upon your operating system


See _spartan help section for additional error information