Skip to content

Releases: NodeSecure/scanner

@nodesecure/[email protected]

03 Dec 19:52
@github-actions github-actions
@nodesecure/[email protected]
b9a9e45
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
@nodesecure/[email protected]

Minor Changes

Loading

@nodesecure/[email protected]

03 Dec 19:52
@github-actions github-actions
@nodesecure/[email protected]
b9a9e45
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
@nodesecure/[email protected] Latest
Latest

Minor Changes

Patch Changes

Assets 2
Loading

@nodesecure/[email protected]

29 Nov 10:29
@github-actions github-actions
@nodesecure/[email protected]
97033e6
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
@nodesecure/[email protected]

Major Changes

  • #554 3c32fb6 Thanks @clemgbld! - feat(scanner): add manifest integrity of root dependency in payload

Minor Changes

  • #554 3c32fb6 Thanks @clemgbld! - feat(scanner): add manifest integrity of root dependency in payload

Patch Changes

  • #555 1ecbe92 Thanks @fraxken! - Properly walk NPM tree using arborist with package-lock.json or node_modules when using the CWD().
Loading

@nodesecure/[email protected]

29 Nov 10:30
@github-actions github-actions
@nodesecure/[email protected]
97033e6
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
@nodesecure/[email protected]

Minor Changes

  • #548 d555469 Thanks @fraxken! - Customize JS-X-Ray behavior/options when running the scan. Use it to enable optionalWarnings when the scan run localy.

Patch Changes

Loading

@nodesecure/[email protected]

29 Nov 18:35
@github-actions github-actions
@nodesecure/[email protected]
309489c
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
@nodesecure/[email protected]

Minor Changes

  • #569 1e2d654 Thanks @fraxken! - Add a standalone export for extractors (for usage such as web imports)

Patch Changes

  • #567 8a7d42b Thanks @fraxken! - Fix an issue with the monorepo build command. Now each workspace build script is executed in CI and before publishing.
Loading

@nodesecure/[email protected]

29 Nov 10:30
@github-actions github-actions
@nodesecure/[email protected]
97033e6
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
@nodesecure/[email protected]

Major Changes

Minor Changes

  • #564 c91b2c6 Thanks @fraxken! - Add a new metadata property in the scanner payload

  • #554 3c32fb6 Thanks @clemgbld! - feat(scanner): add manifest integrity of root dependency in payload

  • #556 14cc3cd Thanks @fraxken! - Update scanner API documentation & add FromOptions interface to match CwdOptions

  • #562 dbc2562 Thanks @ErwanRaulo! - feat(extractor): Extends eventTarget instead of eventEmitter for browser compatibility

  • #548 d555469 Thanks @fraxken! - Customize JS-X-Ray behavior/options when running the scan. Use it to enable optionalWarnings when the scan run localy.

  • #560 3b653ee Thanks @clemgbld! - feat(depWalker): do not add integrity to payload in cwd for workspace

Patch Changes

Loading

@nodesecure/[email protected]

01 Nov 12:45
@github-actions github-actions
@nodesecure/[email protected]
b12281b
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
@nodesecure/[email protected]

Minor Changes

  • #544 281c720 Thanks @clemgbld! - feat(scanner): add npm token based on registry for sdk calls

  • #542 49c5bbb Thanks @fraxken! - Improve type-squatting global-warning by removing it on remote scan and also when there is to much similar packages

Loading

@nodesecure/[email protected]

23 Oct 21:21
@github-actions github-actions
@nodesecure/[email protected]
5765023
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
@nodesecure/[email protected]

Minor Changes

Patch Changes

Loading

@nodesecure/[email protected]

23 Oct 21:21
@github-actions github-actions
@nodesecure/[email protected]
5765023
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
@nodesecure/[email protected]

Minor Changes

  • #535 746c0fd Thanks @clemgbld! - feat(scanner): implement dependency confusion detection

  • #540 6105c7f Thanks @clemgbld! - feat(scanner): add dependency warning only when getting a 404 from the public npm registry

  • #541 dadb7fb Thanks @fraxken! - Keep NPM provenance (attestations) in Dependency version

Patch Changes

Loading

@nodesecure/[email protected]

23 Oct 21:21
@github-actions github-actions
@nodesecure/[email protected]
5765023
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
@nodesecure/[email protected]

Minor Changes

Loading