github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-13 15:23:40 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
gh-pages
DependencyCheck/analyzers/nodejs.html
Jeremy Long 615f6e3750 documentation version 1.4.5
2017-01-22 17:22:46 -05:00

274 lines
11 KiB
HTML
Raw Permalink Blame History

<!DOCTYPE html>
<!--
| Generated by Apache Maven Doxia Site Renderer 1.7.1 at 2017-01-22
| Rendered using Apache Maven Fluido Skin 1.5
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="Date-Revision-yyyymmdd" content="20170122" />
<meta http-equiv="Content-Language" content="en" />
<title>dependency-check &#x2013; Node.js Analyzer</title>
<link rel="stylesheet" href="../css/apache-maven-fluido-1.5.min.css" />
<link rel="stylesheet" href="../css/site.css" />
<link rel="stylesheet" href="../css/print.css" media="print" />
<script type="text/javascript" src="../js/apache-maven-fluido-1.5.min.js"></script>
<style type="text/css">
#bannerLeft { margin-top:-20px;margin-bottom:5px !important }
</style>
</head>
<body class="topBarDisabled">
<a href="https://github.com/jeremylong/DependencyCheck">
<img style="position: absolute; top: 0; right: 0; border: 0; z-index: 10000;"
src="https://s3.amazonaws.com/github/ribbons/forkme_right_gray_6d6d6d.png"
alt="Fork me on GitHub">
</a>
<div class="container-fluid">
<div id="banner">
<div class="pull-left">
<div id="bannerLeft">
<img src="../images/dc.svg" alt="OWASP dependency-check"/>
</div>
</div>
<div class="pull-right"> </div>
<div class="clear"><hr/></div>
</div>
<div id="breadcrumbs">
<ul class="breadcrumb">
<li class="">
<a href="../#" title="">
</a>
<span class="divider">/</span>
</li>
<li class="active ">Node.js Analyzer</li>
<li id="publishDate" class="pull-right"><span class="divider">|</span> Last Published: 2017-01-22</li>
<li id="projectVersion" class="pull-right">
Version: 1.4.5
</li>
</ul>
</div>
<div class="row-fluid">
<div id="leftColumn" class="span2">
<div class="well sidebar-nav">
<ul class="nav nav-list">
<li class="nav-header">OWASP dependency-check</li>
<li>
<a href="../index.html" title="General">
<span class="icon-chevron-right"></span>
General</a>
</li>
<li>
<a href="../analyzers/index.html" title="File Type Analyzers">
<span class="icon-chevron-down"></span>
File Type Analyzers</a>
<ul class="nav nav-list">
<li>
<a href="../analyzers/archive-analyzer.html" title="Archive">
<span class="none"></span>
Archive</a>
</li>
<li>
<a href="../analyzers/assembly-analyzer.html" title="Assembly">
<span class="none"></span>
Assembly</a>
</li>
<li>
<a href="../analyzers/autoconf.html" title="Autoconf">
<span class="none"></span>
Autoconf</a>
</li>
<li>
<a href="../analyzers/central-analyzer.html" title="Central">
<span class="none"></span>
Central</a>
</li>
<li>
<a href="../analyzers/cmake.html" title="CMake">
<span class="none"></span>
CMake</a>
</li>
<li>
<a href="../analyzers/cocoapods.html" title="CocoaPods">
<span class="none"></span>
CocoaPods</a>
</li>
<li>
<a href="../analyzers/jar-analyzer.html" title="Jar">
<span class="none"></span>
Jar</a>
</li>
<li>
<a href="../analyzers/nexus-analyzer.html" title="Nexus">
<span class="none"></span>
Nexus</a>
</li>
<li class="active">
<a href="#"><span class="none"></span>Node.js</a>
</li>
<li>
<a href="../analyzers/nuspec-analyzer.html" title="Nuspec">
<span class="none"></span>
Nuspec</a>
</li>
<li>
<a href="../analyzers/openssl.html" title="OpenSSL">
<span class="none"></span>
OpenSSL</a>
</li>
<li>
<a href="../analyzers/python.html" title="Python">
<span class="none"></span>
Python</a>
</li>
<li>
<a href="../analyzers/ruby-gemspec.html" title="Ruby Gemspec">
<span class="none"></span>
Ruby Gemspec</a>
</li>
<li>
<a href="../analyzers/swift.html" title="Swift">
<span class="none"></span>
Swift</a>
</li>
</ul>
</li>
<li>
<a href="../modules.html" title="Modules">
<span class="icon-chevron-right"></span>
Modules</a>
</li>
<li class="nav-header">Project Documentation</li>
<li>
<a href="../project-info.html" title="Project Information">
<span class="icon-chevron-right"></span>
Project Information</a>
</li>
<li>
<a href="../project-reports.html" title="Project Reports">
<span class="icon-chevron-right"></span>
Project Reports</a>
</li>
</ul>
<hr />
<div id="poweredBy">
<script type="text/javascript" src="https://apis.google.com/js/plusone.js"></script>
<div class="g-plusone" data-href="https://github.com/jeremylong/DependencyCheck.git" data-size="tall" ></div>
<div class="clear"></div>
<div class="clear"></div>
<div id="twitter">
<a href="https://twitter.com/ctxt" class="twitter-follow-button" data-show-count="true" data-align="left" data-size="medium" data-show-screen-name="true" data-lang="en">Follow ctxt</a>
<script type="text/javascript">!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0];if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src="//platform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs");</script>
</div>
<div class="clear"></div>
<div class="clear"></div>
<a href="http://maven.apache.org/" title="Maven" class="builtBy">
<img class="builtBy" alt="built with maven" src="http://jeremylong.github.io/DependencyCheck/images/logos/maven-feather.png" />
</a>
<a href="http://www.jetbrains.com/idea/" title="IntelliJ" class="builtBy">
<img class="builtBy" alt="developed using" src="http://jeremylong.github.io/DependencyCheck/images/logos/logo_intellij_idea.png" width="170px" />
</a>
</div>
</div>
</div>
<div id="bodyColumn" class="span10" >
<h1>Node.js Analyzer</h1>
<p><i>Experimental</i>: This analyzer is considered experimental. While this analyzer may be useful and provide valid results more testing must be completed to ensure that the false negative/false positive rates are acceptable. </p>
<p>OWASP dependency-check includes an analyzer that will scan <a class="externalLink" href="https://www.npmjs.com/">Node Package Manager</a> package specification files. The analyzer will collect as much information as it can about the package. The information collected is internally referred to as evidence and is grouped into vendor, product, and version buckets. Other analyzers later use this evidence to identify any Common Platform Enumeration (CPE) identifiers that apply.</p>
<p><i>Note</i>: Consider using <a class="externalLink" href="http://retirejs.github.io/retire.js/">Retire.js</a> or the Node Security Project auditing tool, <a class="externalLink" href="https://nodesecurity.io/tools">nsp</a> instead of, or in addition to OWASP dependency-check to analyze Node.js packages.</p>
<p>Files Types Scanned: <a class="externalLink" href="https://docs.npmjs.com/files/package.json">package.json</a></p>
</div>
</div>
</div>
<hr/>
<footer>
<div class="container-fluid">
<div class="row-fluid">
<p >Copyright &copy; 2012&#x2013;2017
<a href="http://www.owasp.org">OWASP</a>.
All rights reserved.
</p>
</div>
</div>
</footer>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink