OWASP dependency-check includes a Retire JS Analyzer. This analyzer that will scan JavaScript files and utilize the Retire JS database to identify vulnerable libraries.
This analyzer is currently considered Experimental - however, this is expected to be promoted very quickly.
The ODC team would like to thank Steve Springett for his intial PR to introduce this analyzer, Philippe Arteau for the burp-retire-js plugin which provides much of the core functionality to use the Retire JS analysis in a Java application, and lastly Erlend Oftedal for building and maintaining RetireJS.
Files Types Scanned: *.js
