Name		Name	Last commit message	Last commit date
Latest commit History 103 Commits
chrome		chrome
docs		docs
node		node
repository		repository
.gitignore		.gitignore
README.md		README.md
build_chrome.sh		build_chrome.sh
simpleserver.py		simpleserver.py

Repository files navigation

Retire.js

What you require you must also retire

There is a pletora of JavaScript libraries for use on the web and in node.js apps out there. This greatly simplifies development, but we need to stay up-to-date on security fixes. "Using Components with Known Vulnerabilities" is now a part of the OWASP Top 10 and insecure libraries can pose a huge risk for your webapp. The goal of Retire.js is to help you detect the use of JS-library versions with known vulnerabilities.

Retire.js has three parts:

Command line scanner

Scan a web app or node app for use of vulnerable JavaScript libraries and/or node modules.

Chrome extension

Scans visited sites for references to insecure libraries, and puts warnings in the developer console. A icon on the address bar displays will also indicated if vulnerable libraries were loaded.

Grunt plugin

A Grunt task for running Retire.js as part of your application's build routine, or some other automated workflow.

About

scanner detecting the use of JavaScript libraries with known vulnerabilites

bekk.github.io/retire.js/

Report repository

Releases

No releases published

Packages

No packages published