{"id":13646418,"url":"https://github.com/nearform/gammaray","last_synced_at":"2025-04-21T18:31:06.365Z","repository":{"id":139000335,"uuid":"120004419","full_name":"nearform/gammaray","owner":"nearform","description":"Node.js vulnerability scanner","archived":true,"fork":false,"pushed_at":"2020-02-06T15:50:56.000Z","size":24037,"stargazers_count":103,"open_issues_count":4,"forks_count":5,"subscribers_count":7,"default_branch":"master","last_synced_at":"2025-03-26T17:53:33.815Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nearform.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2018-02-02T16:27:46.000Z","updated_at":"2025-02-11T21:33:50.000Z","dependencies_parsed_at":null,"dependency_job_id":"2bdfe122-7a4d-4108-9756-0ba55c32259b","html_url":"https://github.com/nearform/gammaray","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nearform%2Fgammaray","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nearform%2Fgammaray/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nearform%2Fgammaray/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nearform%2Fgammaray/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nearform","download_url":"https://codeload.github.com/nearform/gammaray/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250110855,"owners_count":21376545,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-02T01:02:55.117Z","updated_at":"2025-04-21T18:31:06.359Z","avatar_url":"https://github.com/nearform.png","language":"Go","funding_links":[],"categories":["Go","Vulnerabilities and Security Advisories"],"sub_categories":[],"readme":"# Gamma Ray\n[![Go Report Card](https://goreportcard.com/badge/github.com/nearform/gammaray)](https://goreportcard.com/report/github.com/nearform/gammaray)\n![Travis](https://travis-ci.org/nearform/gammaray.svg?branch=master)\n[![Coverage Status](https://coveralls.io/repos/github/nearform/gammaray/badge.svg?branch=master)](https://coveralls.io/github/nearform/gammaray?branch=master)\n\nGammaray is a software that helps developers to look for vulnerabilities on their Node.js\napplications. Its pluggable infrastructure makes very easy to write an integration with\nseveral vulnerabilities databases.\n\n## Get It\n\nIn order to get it just run:\n\n```console\n$\u003e go get github.com/nearform/gammaray\n```\nOnce it is finished, you should have the `gammaray` binary in your `GOPATH/bin` folder.\n\n## Build it\n\n```console\n$\u003e make\n```\n\n## Usage\n\nGammaray comes as a single binary so you only need to run it passing your project as argument:\n\n```console\n$\u003e gammaray \u003cpath-to-your-node-app\u003e\n```\n\nGammaray supports the following flags:\n\n`-path` - path to directory where package.json is located\n\n`-image` - docker image to scan\n\n`-log-level` - valid values: `panic` | `fatal` | `error` | `warn` | `info` | `debug`. The default is `info`.\n\n`-ignore-list` - path to JSON file with CVE/CWE ignore array\nThe sample file is shown below:\n```\n[\n  {\"CVE\": \"CWE-400\", \"description\": \"We ignore this because it does not affect us\"},\n  {\"CVE\": \"CVE-2015-8851\", \"description\": \"We ignore this because it does not affect us\"}\n]\n```\n\nAnd that is all, all the vulnerabilities that affect your packages will be displayed.\n\n## Contributing\n\n### As a developer\n\nClone the repository, then start hacking, PRs are welcome !\n\n```console\n$\u003e mkdir -p $GOPATH/src/github.com/nearform/\n$\u003e cd $GOPATH/src/github.com/nearform/\n$\u003e git clone https://github.com/nearform/gammaray.git\n$\u003e cd gammaray\n$\u003e make dev-install\n```\n\n### As security provider\n\nYou want to be integrated? Contact me [here](https://www.linkedin.com/in/david-gonzalez-microservices/)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnearform%2Fgammaray","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnearform%2Fgammaray","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnearform%2Fgammaray/lists"}