npm
Sign UpSign In

confusion-test

1.0.0 • Public • Published

Dependency confusion test

Test all the Node.js projects of one or multiple Github accounts for the dependency confusion vulnerability. More info about this vulnerability here.

Install

npm install -g confusion-test

Use

To run this test you will need a Github token. Generate it here.

Example for one account:

$ echo 'notsag-dev' | confusion-test --token {{GITHUB_TOKEN}}

Example for multiple accounts (one per line):

$ cat accounts.txt | confusion-test --token {{GITHUB_TOKEN}}

To disable console output add --silent.

Results

A file will be created with information about the packages that are available on the npm registry.

Line format: {{account}};{{package-name};{{package-version}};{{repository}};{{package-json-path}}

Dependencies (2)

Dev Dependencies (0)

    Package Sidebar

    Install

    npm i confusion-test

    Weekly Downloads

    2

    Version

    1.0.0

    License

    GPL-3.0-or-later

    Unpacked Size

    39.3 kB

    Total Files

    4

    Last publish

    Collaborators

    • notsag-dev
    Try on RunKit
    Report malware