A python library to check for vulnerabilities in yarn.lock files.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for jeromediaz from gravatar.com jeromediaz

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License
  • Author: Jérôme DIAZ
  • Tags js , npm , security , yarn
  • Requires: Python >=3.8
  • Provides-Extra: dev
Classifiers
Report project as malware

Project description

JS-DEPENDENCY-AUDIT

PyPI - License PyPI - Python Version PyPI - Version

A library to help perform a security audit check using a yarn (v1) lock file.

Not intended to be used as a standalone tool, but as part of a system periodically checking for vulnerabilities.

Usage

from js_dependency_audit.lock_file_content import LockFileContent
from js_dependency_audit.security_audit_request import request_security_audit

lock_file_content = LockFileContent.from_yarn_file("files/yarn.lock")
audit_data = request_security_audit(lock_file_content)

License

This project is licensed under the MIT License - see the LICENSE file for details.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for jeromediaz from gravatar.com jeromediaz

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License
  • Author: Jérôme DIAZ
  • Tags js , npm , security , yarn
  • Requires: Python >=3.8
  • Provides-Extra: dev
Classifiers

Release history Release notifications | RSS feed

This version

0.0.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

js_dependency_audit-0.0.1.tar.gz (5.4 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

js_dependency_audit-0.0.1-py3-none-any.whl (6.4 kB view details)

Uploaded Python 3

File details

Details for the file js_dependency_audit-0.0.1.tar.gz.

File metadata

  • Download URL: js_dependency_audit-0.0.1.tar.gz
  • Upload date:
  • Size: 5.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.12.3

File hashes

Hashes for js_dependency_audit-0.0.1.tar.gz
Algorithm Hash digest
SHA256 bff61fc72b1563985bf3a520897ee168ae6236043fa1d1b2c9bbee79b62bc229
MD5 39775254bbd55e9b071b40b005ee103b
BLAKE2b-256 d148b9b9bc4fc6923dadb8332e8030a23da6aedfa152b2c49d3489395ef09eb6

See more details on using hashes here.

File details

Details for the file js_dependency_audit-0.0.1-py3-none-any.whl.

File metadata

File hashes

Hashes for js_dependency_audit-0.0.1-py3-none-any.whl
Algorithm Hash digest
SHA256 7af0a7ba44eb08e6f933fd42b9a3272a98137e65356f085c7e762d7139016082
MD5 9d257f4b05de4ea1f1de79d8d25928a8
BLAKE2b-256 97286cf198f6911b4a8370118e02a0c2771f9cab9e217965254f2b1d29cd069a

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page