confusion-test

1.0.0 • Public • Published

Dependency confusion test

Test all the Node.js projects of one or multiple Github accounts for the dependency confusion vulnerability. More info about this vulnerability here.

Install

npm install -g confusion-test

Use

To run this test you will need a Github token. Generate it here.

Example for one account:

$ echo 'notsag-dev' | confusion-test --token {{GITHUB_TOKEN}}

Example for multiple accounts (one per line):

$ cat accounts.txt | confusion-test --token {{GITHUB_TOKEN}}

To disable console output add --silent.

Results

A file will be created with information about the packages that are available on the npm registry.

Line format: {{account}};{{package-name};{{package-version}};{{repository}};{{package-json-path}}

Readme

Keywords

none

Package Sidebar

Install

npm i confusion-test

Weekly Downloads

1

Version

1.0.0

License

GPL-3.0-or-later

Unpacked Size

39.3 kB

Total Files

4

Last publish

Collaborators

  • notsag-dev