Node vulnerability checker

• Node vulnerability checker
  • Introduction
  • Installation
  • How to use
    • Instructions
    • Examples
  • Images
  • Resources used to build this project

Introduction

• A CLI tool to check node package vulnerability
• The program takes package.json dependencies and run it against ossindex and osvindex vulnerability databases
• Output can be in either table, json or pretty-json format
• Run the program where package.json is available

Installation

git clone [email protected]:zekaryas1/node_vulnerability_checkr.git
cd node_vulnerability_checkr
npm install -g .

How to use

Instructions

Usage: check -with <provider-name> -format <display-option>

Options:
  --version  Show version number                                       [boolean]
  --with     Which vulnerability-info provider you want to use
                                     [string] [required] [choices: "oss", "osv"]
  --format   how to display the output as i.e table or json
           [string] [choices: "table", "json", "pretty-json"] [default: "table"]
  --help     Show help                                                 [boolean]

Examples

Run the program where package.json is available

#To run the checker with osv database
#Result is in table format
check --with osv

#To run the checker with oss database
check --with oss
 
#To get result in compressed-json format
check --with oss --format json

#To get result in default/pretty json format
check --with osv --format pretty-json

Images

• 
• 
• 

Resources used to build this project

• OSV api from google
• OSSindex api from sonatype
• Terminal utilities for node.js
• Testing with jest
• Argument management with yargs
• How to build terminal apps