provider → scanner

Author: alii

README.md

@@ -1,19 +1,19 @@
 <img src="https://bun.com/logo.png" height="36" />
 
-# Bun Security Provider Template
+# Bun Security Scanner Template
 
 > [!WARNING]
 > This feature is currently unfinished but will be shipping soon. Track progress at https://github.com/oven-sh/bun/pull/21183
 
-A template for creating a security provider for Bun's package installation
-process. Security providers scan packages against your threat intelligence feeds  
+A template for creating a security scanner for Bun's package installation
+process. Security scanners scan packages against your threat intelligence feeds
 and control whether installations proceed based on detected threats.
 
 📚 [**Full documentation**](https://bun.com/docs/install/security)
 
 ## How It Works
 
-When packages are installed via Bun, your security provider:
+When packages are installed via Bun, your security scanner:
 
 1. **Receives** package information (name, version)
 2. **Queries** your threat intelligence API
@@ -56,9 +56,9 @@ const ThreatFeedItemSchema = z.object({
 
 ### Useful Bun APIs
 
-Bun provides several built-in APIs that are particularly useful for security providers:
+Bun provides several built-in APIs that are particularly useful for security scanner:
 
-- [**Security Provider API Reference**](https://bun.com/reference/bun/Security): Complete API documentation for security providers
+- [**Security scanner API Reference**](https://bun.com/docs/install/security): Complete API documentation for security scanners
 - [**`Bun.semver.satisfies()`**](https://bun.com/docs/api/semver): Essential for checking if package versions match vulnerability ranges. No external dependencies needed.
 
   ```typescript
@@ -81,7 +81,7 @@ bun test
 
 ## Publishing Your Provider
 
-Publish your security provider to npm:
+Publish your security scanner to npm:
 
 ```bash
 bun publish

package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@acme/bun",
-	"description": "Bun security provider for Acme",
+	"description": "Bun security scanner for acmecorp",
 	"version": "1.0.0",
 	"author": "Acme",
 	"license": "MIT",

src/index.ts

@@ -31,8 +31,8 @@ async function fetchThreatFeed(packages: Bun.Security.Package[]): Promise<Threat
 	});
 }
 
-export const provider: Bun.Security.Provider = {
-	version: '1', // This is the version of Bun security provider implementation. You should keep this set as '1'
+export const scanner: Bun.Security.Scanner = {
+	version: '1', // This is the version of Bun security scanner implementation. You should keep this set as '1'
 	async scan({packages}) {
 		const feed = await fetchThreatFeed(packages);
 

temp.d.ts

@@ -40,7 +40,7 @@ declare module 'bun' {
 			 * Level represents the degree of danger for a security advisory
 			 *
 			 * Bun behaves differently depending on the values returned from the
-			 * {@link Provider.scan `scan()`} hook:
+			 * {@link Scanner.scan `scan()`} hook:
 			 *
 			 * > In any case, Bun *always* pretty prints *all* the advisories,
 			 * > but...
@@ -72,14 +72,14 @@ declare module 'bun' {
 			description: string | null;
 		}
 
-		export interface Provider {
+		export interface Scanner {
 			/**
-			 * This is the version of the provider implementation. It may change in
+			 * This is the version of the scanner implementation. It may change in
 			 * future versions, so we will use this version to discriminate between
 			 * such versions. It's entirely possible this API changes in the future
 			 * so much that version 1 would no longer be supported.
 			 *
-			 * The version is required because third-party provider package versions
+			 * The version is required because third-party scanner package versions
 			 * are inherently unrelated to Bun versions
 			 */
 			version: '1';