atwupackowasp-dependency-check
⚠️ If you are upgrading from version 0.0.x, please note the following.
- This package is maintained at atwupack/owasp-dependency-check.
- New features as proxy support and GitHub authentication have been added.
- There have been minor changes like the removal of
latestand returning the result code from the dependency-check-cli which could cause problems after upgrading.- Please check the CHANGELOG if you run into any problems.
- Please report bug reports or feature requests here.
⚠️ Requires Node.js version 18 or greater.
Introduction
This package is a Node.js wrapper for the OWASP dependency-check-cli.
It is based on the work of etnetera/owasp-dependency-check.
You can see the current report for this project here.
Installation
npm install -D owasp-dependency-check
Usage
The easiest way is to add a new NPM script to your package.json, for example:
"scripts": {
...
"owasp": "owasp-dependency-check --project \"YOUR PROJECT NAME\" [options]"
}
Options
Owasp Dependency Core options
You can specify any arguments that the OWASP dependency-check-cli provides. For example, to generate an HTML and JSON report, use:
"scripts": {
...
"owasp": "owasp-dependency-check --project \"YOUR PROJECT NAME\" -f HTML -f JSON"
}
Additional options
Use owasp-dependency-check --help to check other options.