SPoint42 / retire.js Public

forked from RetireJS/retire.js

Notifications You must be signed in to change notification settings
Fork 0
Star 0

scanner detecting the use of JavaScript libraries with known vulnerabilities

bekk.github.io/retire.js/

0 stars 419 forks Branches Tags Activity

Notifications

Name		Name	Last commit message	Last commit date
Latest commit History 224 Commits
chrome		chrome
docs		docs
firefox		firefox
node		node
repository		repository
.gitignore		.gitignore
LICENSE.md		LICENSE.md
README.md		README.md
build_chrome.sh		build_chrome.sh
fx.sh		fx.sh
simpleserver.py		simpleserver.py

Repository files navigation

Retire.js

What you require you must also retire

There is a pletora of JavaScript libraries for use on the web and in node.js apps out there. This greatly simplifies development, but we need to stay up-to-date on security fixes. "Using Components with Known Vulnerabilities" is now a part of the OWASP Top 10 and insecure libraries can pose a huge risk for your webapp. The goal of Retire.js is to help you detect the use of JS-library versions with known vulnerabilities.

Retire.js has three parts:

Command line scanner

Scan a web app or node app for use of vulnerable JavaScript libraries and/or node modules.

Chrome extension

Scans visited sites for references to insecure libraries, and puts warnings in the developer console. An icon on the address bar displays will also indicated if vulnerable libraries were loaded.

Grunt plugin

A Grunt task for running Retire.js as part of your application's build routine, or some other automated workflow.

About

scanner detecting the use of JavaScript libraries with known vulnerabilities

bekk.github.io/retire.js/

Report repository

Releases

No releases published

Packages

No packages published