UNPKG

owasp-dependency-check

Version:

A Node.js wrapper for the OWASP dependency-check-cli.

github.com/atwupack/owasp-dependency-check

atwupack/owasp-dependency-check

58 lines (39 loc) 2.43 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
# owasp-dependency-check [![build](https://github.com/atwupack/owasp-dependency-check/actions/workflows/build.yml/badge.svg)](https://github.com/atwupack/owasp-dependency-check/actions/workflows/build.yml) [![npm-publish](https://github.com/atwupack/owasp-dependency-check/actions/workflows/npm-publish.yml/badge.svg)](https://github.com/atwupack/owasp-dependency-check/actions/workflows/npm-publish.yml) [![npm version](https://badge.fury.io/js/owasp-dependency-check.svg)](https://badge.fury.io/js/owasp-dependency-check) > ⚠️ If you are upgrading from version 0.0.x, please note the following. > > - This package is maintained at [atwupack/owasp-dependency-check](https://github.com/atwupack/owasp-dependency-check). > - New features as proxy support and GitHub authentication have been added. > - There have been minor changes like the removal of `latest` and returning the result code from the dependency-check-cli which could cause problems after upgrading. > - Please check the [CHANGELOG](https://github.com/atwupack/owasp-dependency-check/blob/main/CHANGELOG.md) if you run into any problems. > - Please report bug reports or feature requests [here](https://github.com/atwupack/owasp-dependency-check/issues). > ⚠️ Requires **Node.js** version 18 or greater. ## Introduction This package is a Node.js wrapper for the [OWASP dependency-check-cli](https://dependency-check.github.io/DependencyCheck/dependency-check-cli/). It is based on the work of [etnetera/owasp-dependency-check](https://github.com/etnetera/owasp-dependency-check). You can see the current report for this project [here](https://atwupack.github.io/owasp-dependency-check/dependency-check-report.html). ## Installation ``` npm install -D owasp-dependency-check ``` ## Usage The easiest way is to add a new NPM script to your `package.json`, for example: ``` "scripts": { ... "owasp": "owasp-dependency-check --project \"YOUR PROJECT NAME\" [options]" } ``` ## Options ### Owasp Dependency Core options You can specify any arguments that the [OWASP dependency-check-cli](https://dependency-check.github.io/DependencyCheck/dependency-check-cli/arguments.html) provides. For example, to generate an HTML and JSON report, use: ``` "scripts": { ... "owasp": "owasp-dependency-check --project \"YOUR PROJECT NAME\" -f HTML -f JSON" } ``` ### Additional options Use `owasp-dependency-check --help` to check other options.