Frontend application security.
All contributions are welcome. Please review the contributing guidelines carefully before submitting a pull request.
- Helmet - Middleware to set HTTP security headers for Express applications.
- next-safe - A simple way to configure CSP headers in Next.js applications.
- server-only - Ensure your code is only run on the server.
- Valibot - A library for validating data.
- Zod - TypeScript-first validation library.
- Gitleaks - Scans git repositories for secrets.
- Semgrep - Static analysis tool for finding bugs and enforcing code standards.
- Trufflehog - Searches for secrets and other sensitive information.
- Dependabot - Automated dependency updates as PRs.
- npm-audit - Built into npm, run `npm audit` to check for vulnerabilities in your dependencies.
- Socket - Dependency analysis and reporting for security and licensing issues.
- CSP Evaluator - Check your CSP headers for common issues.
- shcheck - A CLI for checking website security headers.
- Stanford CS 253 Web Security - Comprehensive overview of web security (Fall 2021).