retire.js
A scanner that detects JavaScript libraries with known vulnerabilities and can generate a Software Bill of Materials (SBOM).
What is retire.js?
Retire.js is a security tool that identifies JavaScript libraries and Node.js modules with known vulnerabilities in web and Node.js applications. It addresses the OWASP Top 10 security risk 'Using Components with Known Vulnerabilities' by scanning dependencies to help developers mitigate risks. The tool emphasizes proactive detection and retirement of insecure libraries to maintain application security.
Developers, security engineers, and penetration testers working with JavaScript or Node.js applications who need to ensure dependencies are free from known vulnerabilities. It is particularly useful for teams integrating security scanning into development workflows or CI/CD pipelines.
Developers choose Retire.js for its comprehensive integration options, including command-line scanning, build tool plugins, browser extensions, and penetration testing tool integrations, making it versatile for various security workflows. Its ability to generate Software Bill of Materials (SBOM) in CycloneDX format provides additional value for compliance and inventory management.
Overview
scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.
Use Cases
Best For
Related Projects
Found a gem we're missing?
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.
