{"id":13469548,"url":"https://github.com/gradejs/gradejs","last_synced_at":"2025-03-26T07:30:45.727Z","repository":{"id":37244800,"uuid":"407130594","full_name":"gradejs/gradejs","owner":"gradejs","description":"GradeJS analyzes production Webpack bundles without having access to the source code of a website. Instantly see vulnerabilities, outdated packages, and more just by entering a web application URL.","archived":false,"fork":false,"pushed_at":"2022-11-08T16:05:56.000Z","size":3072,"stargazers_count":407,"open_issues_count":5,"forks_count":11,"subscribers_count":6,"default_branch":"develop","last_synced_at":"2024-08-01T15:19:40.705Z","etag":null,"topics":["bugbounty","bundle","bundling","javascript","npm","package-management","security-tools","vulnerability","vulnerability-detection","webpack","website-security"],"latest_commit_sha":null,"homepage":"https://gradejs.com","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/gradejs.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-09-16T11:04:34.000Z","updated_at":"2024-07-22T23:14:50.000Z","dependencies_parsed_at":"2023-01-21T04:02:51.384Z","dependency_job_id":null,"html_url":"https://github.com/gradejs/gradejs","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gradejs%2Fgradejs","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gradejs%2Fgradejs/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gradejs%2Fgradejs/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gradejs%2Fgradejs/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/gradejs","download_url":"https://codeload.github.com/gradejs/gradejs/tar.gz/refs/heads/develop","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":222121829,"owners_count":16934973,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bugbounty","bundle","bundling","javascript","npm","package-management","security-tools","vulnerability","vulnerability-detection","webpack","website-security"],"created_at":"2024-07-31T15:01:44.333Z","updated_at":"2024-10-29T22:31:19.659Z","avatar_url":"https://github.com/gradejs.png","language":"TypeScript","readme":"# GradeJS\n\nGradeJS is an open-source project that allows you to analyze webpack production bundles without having access to the source code of a website. It detects a list of bundled NPM libraries and works even for minified or tree-shaken bundles.\n\nIt parses the abstract syntax tree from a JavaScript file, detects the webpack bootstrap entities and localizes module boundaries. A webpack-bundled module usually represents either a single file of an NPM library or a subset of concatenated files. By using built-in AST hash functions, GradeJS generates special signatures per each exported entity, which are retrospectively looked up in the pre-made database index by a matching algorithm. The matching algorithm is quite straightforward and based on a probabilistic approach.\n\n![Preview](./docs/preview-1.png)\n![Preview](./docs/preview-2.png)\n\nMore info:\n\n- [How it works?](https://github.com/gradejs/gradejs/discussions/6)\n- [Understanding Accuracy](https://github.com/gradejs/gradejs/discussions/8)\n\n## How to use\n\nGo to the [https://gradejs.com/](https://gradejs.com/) and enter a site in the `https://example.com` format. An analysis is performed server-side. Once the bundle is analyzed, the package name, version, size, and relative percentage size of the packages are returned.\n\n## Supported bundlers \u0026 packages\n\nCurrent beta version supports [webpack](https://webpack.js.org/) from 3 to 5 and have indexed ~3,000 most popular NPM libraries over ~100,000 releases.\n\n## Contributing\n\nWe value your feedback, please use Discussions for questions and comments. If you encounter any suspicious behavior, false or missing results, please file a new issue. At this stage, we don't expect direct code contributions yet.\n","funding_links":[],"categories":["TypeScript"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgradejs%2Fgradejs","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgradejs%2Fgradejs","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgradejs%2Fgradejs/lists"}