| | cli | ci |
|---|---|---|
| | 12 | 4 |
| Stars | 360 | 19 |
| Growth | 0.3% | - |
| Activity | 8.8 | 5.8 |
| | 4 days ago | 1 day ago |
| Language | JavaScript | TypeScript |
| License | MIT License | MIT License |

Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

cli

- Securizing your GitHub org
  📢 By the way NodeSecure CLI has first-class support of the scorecard.
- JS-X-Ray 6.0
  This information is visible in the NodeSecure CLI interface:
- 📦 Everything you need to know: package managers
  @nodesecure/cli, a CLI that allows you to deeply analyze the dependency tree of a given package or local Node.js project
- Announcing NodeSecure Vulnera
  Fun fact: its first contribution 🐤 on NodeSecure was also on the old version of the code Scanner that managed vulnerabilities.
- GitHub - NodeSecure/cli: JavaScript security CLI that allows you to deeply analyze the dependency tree of a given package or local Node.js project.
- A technical tale of NodeSecure - Chapter 2
  When NodeSecure was a single project the AST analysis was at most a few hundred lines in two or three JavaScript files. All the logic was coded with if and else conditions directly in the walker 🙈.
- NodeSecure - What's new in 2022 ?
  View on GitHub
- Detect Marak Squires packages with NodeSecure
  NodeSecure can now detect packages created by Marak and it will generate a global warning ⚠️.
- Node-Secure v0.9.0
  After more than ten long months of work we are finally there 😵! Version 0.9.0 has been released on npm 🚀.
- Announcing new Node-Secure back-end
  Nsecure

ci

- JS-X-Ray 6.0
  i18n (for translation in CI or CLI).
- 📦 Everything you need to know: package managers
  @nodesecure/ci, a tool that allows you to run SAST, SCA and many more analyses in CI/CDs or in a local environment
- NodeSecure - What's new in 2022 ?
- Make your JavaScript project safer by using this workflow
  @nodesecure/ci brings together a set of tools to identify dependency vulnerabilities and track the most common malicious code and patterns using Static Code Analysis and Vulnerabilities Analysis

What are some alternatives?
catalyst - Catalyst is a set of patterns and techniques for developing components within a complex application.
ci-action - The official GitHub action of the @nodesecure/ci package
rc - NodeSecure runtime configuration
js-x-ray - JavaScript & Node.js open-source SAST scanner. A static analyser for detecting most common malicious patterns 🔬.
undici - An HTTP/1.1 client, written from scratch for Node.js
webappsec-subresource-integrity - WebAppSec Subresource Integrity
estree - The ESTree Spec
scanner - ⚡️ A package API to run a static analysis of your module's dependencies. This is the CLI engine!
astexplorer - A web tool to explore the ASTs generated by various parsers.
vulnera - Programmatically fetch security vulnerabilities with one or many strategies (NPM Audit, Sonatype, Snyk, Node.js DB).