vulnera
cli
vulnera | cli | |
---|---|---|
2 | 12 | |
30 | 361 | |
- | 0.6% | |
7.2 | 8.8 | |
9 days ago | 4 days ago | |
TypeScript | JavaScript | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
vulnera
-
📦 Everything you need to know: package managers
@nodesecure/vulnera, a Software Component Analysis (SCA) tool
-
Announcing NodeSecure Vulnera
Create a private database to benchmark the sources between them (see #29).
cli
-
Securizing your GitHub org
📢 By the way NodeSecure CLI has a first-class support of the scorecard.
-
JS-X-Ray 6.0
Those information are visible in the NodeSecure CLI interface:
-
📦 Everything you need to know: package managers
@nodesecure/cli, a CLI that allow you to deeply analyze the dependency tree of a given package or local Node.js project
-
Announcing NodeSecure Vulnera
Fun fact: its first contribution 🐤 on NodeSecure was also on the old version of the code Scanner that managed vulnerabilities.
- GitHub - NodeSecure/cli: JavaScript security CLI that allow you to deeply analyze the dependency tree of a given package or local Node.js project.
-
A technical tale of NodeSecure - Chapter 2
When NodeSecure was a single project the AST analysis was at most a few hundred lines in two or three JavaScript files. All the logic was coded with if and else conditions directly in the walker 🙈.
-
NodeSecure - What's new in 2022 ?
View on GitHub
-
Detect Marak Squires packages with NodeSecure
NodeSecure can now detect packages created by Marak and it will generate a global warning ⚠️.
-
Node-Secure v0.9.0
After more than ten long months of work we are finally there 😵! Version 0.9.0 has been released on npm 🚀.
-
Announcing new Node-Secure back-end
Nsecure
What are some alternatives?
pwndoc - Pentest Report Generator
catalyst - Catalyst is a set of patterns and techniques for developing components within a complex application.
ci - NodeSecure tool enabling secured continuous integration
rc - NodeSecure runtime configuration
js-x-ray - JavaScript & Node.js open-source SAST scanner. A static analyser for detecting most common malicious patterns 🔬.
webappsec-subresource-integrity - WebAppSec Subresource Integrity
undici - An HTTP/1.1 client, written from scratch for Node.js
vuln - Programmatically fetch security vulnerabilities with one or many strategies (NPM Audit, Sonatype, Snyk, Node.js DB). [Moved to: https://github.com/NodeSecure/vulnera]
estree - The ESTree Spec
cli - Snyk CLI scans and monitors your projects for security vulnerabilities.