package that checks if your Node.js installation is vulnerable to known security vulnerabilities
MIT License
Bot releases are hidden (Show)
Full Changelog: https://github.com/RafaelGSS/is-my-node-vulnerable/compare/v1.4.1...v1.5.0
Published by RafaelGSS 5 months ago
Full Changelog: https://github.com/RafaelGSS/is-my-node-vulnerable/compare/v1.4.0...v1.4.1
Published by RafaelGSS 5 months ago
Full Changelog: https://github.com/RafaelGSS/is-my-node-vulnerable/compare/v1.3.0...v1.4.0
Published by RafaelGSS over 1 year ago
npx is-my-node-vulnerable
now checks if the public CVE affects your operating systemFull Changelog: https://github.com/RafaelGSS/is-my-node-vulnerable/compare/v1.2.0...v1.3.0
Published by RafaelGSS over 1 year ago
Example:
Using it
name: "Node.js Vulnerabilities"
on:
schedule:
- cron: "0 0 * * *"
jobs:
is-my-node-vulnerable:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Check Node.js
uses: RafaelGSS/[email protected]
with:
node-version: "18.14.1"
Full Changelog: https://github.com/RafaelGSS/is-my-node-vulnerable/compare/v1.1.0...v1.2.0
Published by RafaelGSS over 1 year ago
Full Changelog: https://github.com/RafaelGSS/is-my-node-vulnerable/compare/v1.0.0...v1.1.0
Worried about the security of your Node.js installation? This package is here to help!
It checks for known vulnerabilities by comparing your installed version to the Node.js Security Database and alerts you if any are found. Try it with:
$ npx is-my-node-vulnerable
Including it in your CI might be a good fit :)
Published by RafaelGSS over 1 year ago
Published by RafaelGSS over 1 year ago