Fork me on GitHub

Retire JS Analyzer

OWASP dependency-check includes a Retire JS Analyzer. This analyzer that will scan JavaScript files and utilize the Retire JS database to identify vulnerable libraries.

This analyzer is currently considered Experimental - however, this is expected to be promoted very quickly.

The ODC team would like to thank Steve Springett for his intial PR to introduce this analyzer, Philippe Arteau for the burp-retire-js plugin which provides much of the core functionality to use the Retire JS analysis in a Java application, and lastly Erlend Oftedal for building and maintaining RetireJS.

Files Types Scanned: *.js