A cli tool for retirejs written in golang - aka a single binary!
Features
- Scan a specific JavaScript file
- Scrape JavaScript assets from a url and check for vulnerable libraries
- Scan a directory for vulnerable libraries
retirejs http://example.com
retirejs ~/vcs/test
# Fetch code
go get github.com/rezen/retirejs
git clone https://github.com/rezen/retirejs.git
cd ./retirejs/cmd/retirejs/
go build -o retirejs main.go
GOOS=windows GOARCH=386 go build -o retirejs.exe main.go
# Add binary to your path
cp retirejs /usr/bin/retirejs
- Report formats
- Check sha1
- Use headless chrome to scrape versions from DOM
- Receive from stdin pipe
- Web directory listing of assets handling
- Maybe npm modules? (npm audit does this but single binary is muy bien)