| | sandworm-audit | sandworm-guard-js |
|---|---|---|
| | 6 | 9 |
| Stars | 463 | 248 |
| Growth | -0.4% | 0.4% |
| Activity | 8.4 | 0.0 |
| | 6 months ago | about 1 year ago |
| Language | JavaScript | JavaScript |
| License | MIT License | MIT License |

Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
sandworm-audit
- Anyone else’s project use so many deprecated packages
  Use https://github.com/sandworm-hq/sandworm-audit. If you run it for your app, the deprecated libraries will show up in the list of issues found (contributor)
- Running Eleventy Serverless On AWS Lambda@Edge
  And as you add more dependencies, it’s time to also build security and compliance into your app early. Sandworm Audit is the open-source npm audit that doesn’t suck: it checks for multiple types of issues, like vulnerabilities or license compliance, it outputs SVG charts and CSVs, and you can also run it in your CI to enforce security rules. Check the docs and npx @sandworm/audit in your JavaScript app’s root to try it out 🪱.
- Beautiful Security & License Compliance Reports For Your App's Dependencies
- Sinkchart - open source visualisation tool for your JS dependencies
  This is why we've created Sinkchart - beautiful Visualizations For Your App's Dependencies
- Beautiful Visualizations For Your App's Dependencies
  made with https://github.com/sandworm-hq/sinkchart
sandworm-guard-js
- Sandworm: Keep Your JavaScript Code Secure and Compliant
- Running Eleventy Serverless On AWS Lambda@Edge
  When building Sandworm’s open-source security & license compliance audits for JavaScript packages, we wanted to generate a catalog of beautiful report visualizations for every library in the npm registry. That is, for every version of every library in the registry. We soon found out — that’s more than 30 million package versions. Good luck generating, uploading, and keeping that amount of HTML pages up to date in a decent amount of time, right?
- FOSS: Sandworm - Easy auditing & sandboxing for JS dependencies
  No whitepaper yet, but here's where the magic happens: https://github.com/sandworm-hq/sandworm-guard-js/blob/main/src/patch.js
- [AskJS] Open source license compliance
  You can use https://sandworm.dev to quickly inspect individual licenses for packages when considering adding them as a dependency (note: I'm one of the developers).
- Sandworm.JS - dynamically analyses over 2M javascript packages to offer zero day, real time protection against malicious scripts.
- Dynamic analysis for JS dependencies + intercepts all potentially harmful Node & browser APIs, like arbitrary code execution or network calls
- Show HN: Sandworm.js - Security audit & fine grained permissions for NPM packages
- Sandworm.JS - npm module permissions system
  Hey all - we’re a small team of developers working on making JavaScript more secure! We’re working on an OSS product named Sandworm.JS - a sandboxing & malware detection tool for npm packages. Would love to hear your feedback and feel free to try it out and contribute if you’re passionate about this topic: https://github.com/sandworm-hq/sandworm-js
What are some alternatives?
sandworm-jest - Security Snapshot Testing Inside Your Jest Test Suite 🪱
CodeBox - A sandbox coding environment - desktop app, inspired by CodePen and JSFiddle
serverless-graphql - Serverless GraphQL Examples for AWS AppSync and Apollo
SES-shim - Endo is a distributed secure JavaScript sandbox, based on SES
11ty-lambda-edge-demo - A simple tutorial for running Eleventy Serverless on AWS Lambda@Edge
fetch-intercept - Interceptor library for the native fetch command inspired by angular http intercepts.
Gatsby - The best React-based framework with performance, scalability and security built in.
overlay - Overlay is a browser extension helping developers evaluate open source packages before picking them
Liquid - Liquid markup language. Safe, customer facing template language for flexible web apps.
sandworm-mocha - Security Snapshot Testing Inside Your Mocha Test Suite 🪱
eleventy 🕚⚡️ - A simpler site generator. Transforms a directory of templates (of varying types) into HTML.
Next.js - The React Framework