Repositories list

• cli

  Public
  JavaScript security CLI that allow you to deeply analyze the dependency tree of a given package or local Node.js project.

  JavaScript

  •

  MIT License

  •39•367•5•3•Updated Jan 15, 2025Jan 15, 2025

• scanner

  Public
  ⚡️ A package API to run a static analysis of your module's dependencies. This is the CLI engine!

  nodejssecurityscanner+ 3auditsastnodesecure

  TypeScript

  •

  MIT License

  •13•30•5•1•Updated Jan 13, 2025Jan 13, 2025

• Governance

  Public
  NodeSecure Governance (Code of conduct & Contribution guidelines)

  MIT License

  •4•13•3•0•Updated Jan 12, 2025Jan 12, 2025

• vulnera

  Public
  Programmatically fetch security vulnerabilities with one or many strategies (NPM Audit, Sonatype, Snyk, Node.js DB).

  npmauditvulnerabilities+ 3vulnnodesecuresecurity

  TypeScript

  •

  MIT License

  •13•30•5•1•Updated Jan 8, 2025Jan 8, 2025

• report

  Public
  NodeSecure HTML & PDF report generator for any public and/or private git repositories.

  nodejssecurityreport+ 2hacktoberfestsecurity-tool

  JavaScript

  •

  MIT License

  •13•14•3•1•Updated Jan 5, 2025Jan 5, 2025

• fs-walk

  Public
  Modern FileSystem (fs) utilities to lazy walk directories Asynchronously (but also Synchronously)

  utilitysystemlazy+ 4fsfilerecursivewalk

  TypeScript

  •

  MIT License

  •3•0•0•0•Updated Jan 5, 2025Jan 5, 2025

• github

  Public
  Download and Extract Github repository

  githubgitextract+ 2archivetargz

  TypeScript

  •

  MIT License

  •3•4•0•0•Updated Jan 5, 2025Jan 5, 2025

• gitlab

  Public
  Download and extract gitlab repository

  gitgitlabdownload+ 5extractorextractarchivetargztargz-extractor

  TypeScript

  •

  MIT License

  •3•3•0•0•Updated Jan 5, 2025Jan 5, 2025

• js-x-ray

  Public
  JavaScript & Node.js open-source SAST scanner. A static analyser for detecting most common malicious patterns 🔬.

  nodejsjavascriptsecurity-audit+ 6astsastast-analysissupply-chain-securitysecuritysecurity-tools

  JavaScript

  •

  MIT License

  •25•228•6•0•Updated Jan 5, 2025Jan 5, 2025

• npm-registry-sdk

  Public
  Node.js SDK to fetch data from the npm API.

  npmregistrysdk

  TypeScript

  •

  MIT License

  •8•9•2•0•Updated Jan 5, 2025Jan 5, 2025

• npm-security-fetcher

  Public
  a Node.js CLI created to simplify the analysis of npm registry packages.

  nodejsclisecurity+ 3analyserfetchernpm

  TypeScript

  •

  MIT License

  •4•3•0•0•Updated Jan 5, 2025Jan 5, 2025

• ossf-scorecard-sdk

  Public
  Node.js SDK for OpenSSF scorecard

  nodejsopensourcenode+ 4sdkscorecardossfopenssf

  TypeScript

  •

  MIT License

  •3•6•0•0•Updated Jan 5, 2025Jan 5, 2025

• utils

  Public
  Utilities for NodeSecure

  TypeScript

  •

  MIT License

  •3•0•0•0•Updated Jan 5, 2025Jan 5, 2025

• ci

  Public
  NodeSecure tool enabling secured continuous integration

  TypeScript

  •

  MIT License

  •8•21•3•2•Updated Jan 5, 2025Jan 5, 2025

• flags

  Public
  NodeSecure security flags 🚩 (configuration and documentation)

  securitydocumentationflags+ 1nodesecure

  HTML

  •

  MIT License

  •7•2•1•0•Updated Jan 4, 2025Jan 4, 2025

• ci-action

  Public
  The official GitHub action of the @nodesecure/ci package

  JavaScript

  •

  MIT License

  •3•9•0•0•Updated Jan 4, 2025Jan 4, 2025

• eslint-config

  Public archive
  NodeSecure ESLint configuration (Work for both JavaScript and TypeScript projects).

  nodejsjavascripttypescript+ 2eslint-plugineslint

  JavaScript

  •

  MIT License

  •2•6•0•0•Updated Aug 14, 2024Aug 14, 2024

• i18n

  Public archive
  NodeSecure Internationalization

  i18npackagenodesecure

  JavaScript

  •

  MIT License

  •10•1•0•0•Updated Aug 14, 2024Aug 14, 2024

• rc

  Public archive
  NodeSecure runtime configuration

  securityruntimeconfiguration+ 1nodesecure

  TypeScript

  •

  MIT License

  •5•7•0•0•Updated Aug 14, 2024Aug 14, 2024

• authors

  Public archive
  DEPRECATED (replaced by @nodesecure/contact)

  JavaScript

  •

  MIT License

  •3•1•0•1•Updated Aug 14, 2024Aug 14, 2024

• licenses-conformance

  Public archive
  Parse spdx license expressions into structured object

  spdxlicensesconformance+ 1nodejs

  TypeScript

  •

  MIT License

  •1•1•0•0•Updated Jul 31, 2024Jul 31, 2024

• npm-tarball-license-parser

  Public archive
  npm tarball license parser and conformance checker

  parsernodetarball+ 1npm

  TypeScript

  •

  MIT License

  •3•0•0•0•Updated Jul 31, 2024Jul 31, 2024

• domain-check

  Public archive
  Node.js module which helps you to check informations about domains

  JavaScript

  •

  MIT License

  •3•9•0•0•Updated Jul 31, 2024Jul 31, 2024

• .github

  Public
  0•0•0•0•Updated Jul 31, 2024Jul 31, 2024

• database

  Public
  NodeSecure Security Database

  MIT License

  •0•1•2•1•Updated May 9, 2024May 9, 2024

• rfcs

  Public
  💬 Exchange and discuss the future of NodeSecure (new ideas and projects etc).

  MIT License

  •0•0•4•0•Updated Mar 16, 2024Mar 16, 2024

• size-satisfies

  Public archive
  Same as SemVer.satisfies but for file size!

  JavaScript

  •

  MIT License

  •6•0•0•0•Updated Dec 4, 2023Dec 4, 2023

• estree-ast-utils

  Public archive
  Utilities for AST (ESTree compliant)

  JavaScript

  •

  MIT License

  •1•2•2•0•Updated Dec 1, 2023Dec 1, 2023

• sec-literal

  Public archive
  Security utilities to analyze ESTree Literal and JavaScript string primitive. Detect Hexadecimal, Base64, suffix and prefix patterns etc..

  literalestreesecurity

  JavaScript

  •

  MIT License

  •5•4•1•0•Updated Dec 1, 2023Dec 1, 2023

• preview

  Public archive
  Scan your node packages in your browser!

  TypeScript

  •

  MIT License

  •5•4•0•0•Updated Nov 30, 2023Nov 30, 2023