https://github.com/vertigis/node-scanner

https://github.com/vertigis/node-scanner

Last synced: 4 months ago
JSON representation

• Host: GitHub
• URL: https://github.com/vertigis/node-scanner
• Owner: vertigis
• License: mit
• Created: 2024-09-06T18:18:19.000Z (almost 2 years ago)
• Default Branch: main
• Last Pushed: 2024-09-16T23:16:21.000Z (over 1 year ago)
• Last Synced: 2024-09-17T22:10:59.426Z (over 1 year ago)
• Size: 10.7 KB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 1
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# Node-Scanner

Node Version Vulnerability Scanner lightweight CLI tool

This CLI tool is used in conjunction with [`is-my-node-vulnerable`](https://github.com/RafaelGSS/is-my-node-vulnerable), and allows you to properly identify and ignore vulnerabilities found in your installed Node version.

## How to run this tool

After installation, this tool can be run as follows:

`npx --yes @vertigis/node-scanner`

### Ignoring vulnerabilities

Vulnerabilities can be ignored by creating a file called `nodescan.json` at the root of your source directory. The json file is structured as follows:

```

{

    "vulnerabilities": [

        {    

            "cve": CVE is that is to be ignored,

            "expiry": Date in YYYY-MM-DD format,

            "statement": This is an optional property that allows for a comment on the vulnerability.

        },

        ...

    ]

}

```