Vulnerabilities Packages

A wrapper around NPM's built-in audit that adds extra features

TypeScript implementation of SSVC (Stakeholder-Specific Vulnerability Categorization). A prioritization framework to triage CVE vulnerabilities as an alternative or compliment to CVSS

Snippet to prevent XSS scripting

An opinionated, heavy-handed wrapper around Snyk.

Reshape into a better npm audit for the community and encourage more people to include security audit into their process.

Fitness App for your npm projects.

A JavaScript library for dealing with NVD, CVEs, and CPE strings.

Snyk Plugin for Spotify Backstage

NodeSecure vulnerabilities strategies

NodeSecure vulnerabilities strategies

Minimal application to convert npm audit report into gitlab-ci vulnerability report format.

Tiny converter to convert npm audit report into gitlab-ci dependency report format.

SOOS ( https://soos.io ) is an independent software security company, located in Winooski, VT USA, building security software for your team. Used for testing purposes, this tool is an example of fetching software license information from SOOS.

SOOS ( https://soos.io ) is an independent software security company, located in Winooski, VT USA, building security software for your team. Used for testing purposes, this tool is an example of fetching package information from SOOS.

SOOS ( https://soos.io ) is an independent software security company, located in Winooski, VT USA, building security software for your team. Used for testing purposes, this tool is an example of fetching vulnerability information from SOOS.

SOOS Static Application Security Testing (SAST) scanning support.

SOOS wrapper script to upload SBOMs.

SOOS Security Analysis CI - Check for vulnerabilities, policy violations and more!

This is the SOOS API Client for registered clients leveraging the various integrations to the SOOS platform.

SOOS ( https://soos.io ) is an independent software security company, located in Winooski, VT USA, building security software for your team. Used for testing purposes, this package is an example of a vulnerable package on a public registry.