Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/lirantal/cwe-sdk

A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC
https://github.com/lirantal/cwe-sdk

Last synced: 21 days ago
JSON representation

A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC

Awesome Lists containing this project

README 

        


 ⚠️ IMPORTANT NOTICE ⚠️

  



  



    This project gratuated into the OWASP family and is now managed at OWASP/cwe-sdk-javascript




---





  cwe-sdk






  A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC






  npm version

  license

  downloads

  build

  codecov

  Known Vulnerabilities

  Responsible Disclosure Policy




# Install



```bash

yarn add cwe-sdk

```



# Usage



Require the CweManager class and use its methods



```js

const { CweManager } = require('cwe-sdk')

```



# Example



```js

const { CweManager } = require('cwe-sdk')



const cweManager = new CweManager()

const result = cweManager.isChildOf({ weaknessId: '117', parentId: '116' })



console.log(result) // true

```



# Build



This CWE SDK has a build process that prepares the JSON data by downloading the latest version of the CWE archive (e.g. https://cwe.mitre.org/data/xml/cwec_v4.1.xml.zip) and then crunches it to create the following data snapshots:



1. A mirror JSON object, available at `./raw/cwe-archive.json`

2. A JSON dictionary to easily access CWEs by their ID, available at `./raw/cwe-dictionary.json`

3. A JSON array for the relationship hierarchy between CWEs, available at `./raw/cwe-hierarchy.json`



This work is made possible thanks to scripts in `./build/`



# Contributing



Please consult [CONTRIBUTING](./CONTRIBUTING.md) for guidelines on contributing to this project.



# Author



**cwe-sdk** © [Liran Tal](https://github.com/lirantal), Released under the [Apache-2.0](./LICENSE) License.