0.4.1 • Published 10 years ago

carat v0.4.1

Weekly downloads
3
License
ISC
Repository
github
Last release
10 years ago

Carat


Scans Node.js programs for vulnerabilities. Uses Espect

Usage:


From terminal:

$ carat <file> [options]

Example:

$ carat vulns/fs.js
---------------- vulns/fs.js
vuln
 sink:
  line: vulns/fs.js:4
  code: fs.readFileSync(process.argv[2])
source:
  line: vulns/fs.js:4
  code: process
vuln
 sink:
  line: vulns/fs.js:8
  code: eval(data)
source:
  line: vulns/fs.js:8
  code: data

Notes to keep in mind:

Code is written in es6, only traverses es5 for now.

0.4.1

10 years ago

0.4.0

10 years ago

0.3.2

10 years ago

0.3.1

10 years ago

0.3.0

10 years ago

0.2.6

10 years ago

0.2.5

10 years ago

0.2.4

10 years ago

0.2.2

10 years ago

0.2.1

10 years ago

0.2.0

10 years ago

0.0.4

10 years ago

0.0.3

10 years ago

0.0.2

10 years ago

0.0.1

10 years ago

0.1.1

10 years ago

0.1.0

10 years ago