Releases: nodejs/is-my-node-vulnerable
Releases · nodejs/is-my-node-vulnerable
v1.6.1
What's Changed
- chore: remove debug dependency by @RafaelGSS in #25
- Replace undici with native https.request by @trivikr in #26
- Replace @pkg/nv with https.request call by @trivikr in #27
New Contributors
Full Changelog: v1.6.0...v1.6.1
v1.6.0
What's Changed
- feat: add support to old versions of Node.js by @RafaelGSS in #23
Full Changelog: v1.5.0...v1.6.0
v1.5.0
What's Changed
- test: add BadBatchBug check by @RafaelGSS in #17
- feat: display cve severity on reporter by @RafaelGSS in #18
Full Changelog: v1.4.1...v1.5.0
v1.4.1
v1.4.0
What's Changed
- Update node version in action.yml: v16 -> v18 by @theboolean in #15
New Contributors
- @theboolean made their first contribution in #15
Full Changelog: v1.3.0...v1.4.0
v1.3.0
What's Changed
- feat: added platform validation by @UlisesGascon in #12
npx is-my-node-vulnerable
now checks if the public CVE affects your operating system
Full Changelog: v1.2.0...v1.3.0
v1.2.0
What's Changed
- test: add latest release to test by @RafaelGSS in #10
- Add Github Action capabilities by @UlisesGascon in #11
Github Action capabilities 🎉
Example:
Using it
name: "Node.js Vulnerabilities"
on:
schedule:
- cron: "0 0 * * *"
jobs:
is-my-node-vulnerable:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Check Node.js
uses: RafaelGSS/is-my-node-vulnerable@v1.2.0
with:
node-version: "18.14.1"
New Contributors
- @UlisesGascon made their first contribution in #11
Full Changelog: v1.1.0...v1.2.0
v1.1.0
v1.0.0
Worried about the security of your Node.js installation? This package is here to help!
It checks for known vulnerabilities by comparing your installed version to the Node.js Security Database and alerts you if any are found. Try it with:
$ npx is-my-node-vulnerable
Including it in your CI might be a good fit :)
v1.0.0-2
Full Changelog: v1.0.0-0...v1.0.0-2