Skip to content

atwupack/owasp-dependency-check

Repository files navigation

owasp-dependency-check

build npm-publish npm version

⚠️ If you are upgrading from version 0.0.x, please note the following.

  • This package is maintained at atwupack/owasp-dependency-check.
  • New features as proxy support and GitHub authentication have been added.
  • There have been minor changes like the removal of latest and returning the result code from the dependency-check-cli which could cause problems after upgrading.
  • Please check the CHANGELOG if you run into any problems.
  • Please report bug reports or feature requests here.

⚠️ Requires Node.js version 20 or greater.

Introduction

This package is a Node.js wrapper for the OWASP dependency-check-cli.

It is based on the work of etnetera/owasp-dependency-check.

You can see the current OWASP report here.

You can see the current code coverage report here.

Installation

npm install -D owasp-dependency-check

Usage

The easiest way is to add a new NPM script to your package.json, for example:

"scripts": {
  ...
  "owasp": "owasp-dependency-check --project \"YOUR PROJECT NAME\" [options]"
}

Options

Owasp Dependency Core options

You can specify any arguments that the OWASP dependency-check-cli provides. For example, to generate an HTML and JSON report, use:

"scripts": {
  ...
  "owasp": "owasp-dependency-check --project \"YOUR PROJECT NAME\" -f HTML -f JSON"
}

Additional options

Use owasp-dependency-check --help to check other options.

About

No description, website, or topics provided.

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Contributors 10