npm

auditjs

Audit dependencies to identify known vulnerabilities and maintenance problems

• Audit
• Scan
• Vulnerability
• CPE
• CVE
• CWE
• OSSIndex
• Artie
• Nexus
• Sonatype
• SCA
• SBOM
• Security
• Advisories

ossindex

published 4.0.39 • 5 months agopublished 4.0.39 5 months ago

@cyclonedx/cyclonedx-library

Core functionality of CycloneDX for JavaScript (Node.js or WebBrowser).

• CycloneDX
• models
• normalizer
• serializer
• bill-of-materials
• BOM
• software-bill-of-materials
• SBOM
• OBOM
• MBOM
• SaaSBOM
• VEX
• package-url
• PURL
• View more

cyclonedx-automation

published 1.12.2 • 10 hours agopublished 1.12.2 10 hours ago

@cyclonedx/cdxgen

Creates CycloneDX Software Bill-of-Materials (SBOM) from source or container image

• sbom
• bom
• inventory
• spdx
• package-url
• purl
• owasp
• component
• dependency
• appsec
• scrm

cyclonedx-automation

published 8.2.0 • 7 days agopublished 8.2.0 7 days ago

retire

Retire is a tool for detecting use of vulnerable libraries

• sbom
• sbom-tool
• sbom-generator
• security
• cli
• software-composition-analysis
• sca

eoftedal

published 3.2.3 • 2 months agopublished 3.2.3 2 months ago

npm-dependencies-extractor

Retrieves the (flat) list of package dependencies for Javascript projects using npm

• dependencies
• npm
• sbom
• software bill of material
• flat list
• extract
• retrieve
• dependencies flat list
• extract dependencies
• list dependencies

sandacontiume

published 0.1.0 • 3 years agopublished 0.1.0 3 years ago

node-modules-dependencies-extractor

Extracts dependencies from the node_modules folder, to a reference format. This reference format is a JSON file containing arrays of objects with keys name and version.

• dependencies
• sbom
• software bill of material
• node_modules
• npm
• yarn

philips-software-fa

published 0.1.1 • 3 years agopublished 0.1.1 3 years ago

@cyclonedx/cyclonedx-npm

Create CycloneDX Software Bill of Materials (SBOM) from NPM projects.

• CycloneDX
• SBOM
• BOM
• inventory
• bill-of-materials
• software-bill-of-materials
• component
• dependency
• package-url
• PURL
• spdx
• node
• npm

cyclonedx-automation

published 1.9.1 • 13 days agopublished 1.9.1 13 days ago

@ksg97031/cdxgen

Creates CycloneDX Software Bill-of-Materials (SBOM) from source or container image

• sbom
• bom
• inventory
• spdx
• package-url
• purl
• owasp
• component
• dependency
• appsec
• scrm

ksg97031

published 3.2.12 • a year agopublished 3.2.12 a year ago

@cyclonedx/webpack-plugin

Creates CycloneDX Software Bill of Materials (SBoM) from webpack projects

• webpack
• CycloneDX
• bill-of-materials
• BOM
• software-bill-of-materials
• SBOM
• inventory
• component
• dependency
• package-url
• PURL
• SPDX

cyclonedx-automation

published 3.3.1 • 13 days agopublished 3.3.1 13 days ago

@h4ad/dependency-extractor

<h1 align="center"> 🚀 Dependency Extractor </h1>

• dependencies
• npm
• sbom
• flat list
• extract
• retrieve
• dependencies flat list
• extract dependencies
• list dependencies

h4ad

published 1.1.0 • 4 months agopublished 1.1.0 4 months ago

@cyclonedx/cdxgen-plugins-bin

Binary plugins to supercharge @cyclonedx/cdxgen npm package

• cdxgen
• sbom
• bom
• plugins
• dependency
• appsec

cyclonedx-automation

published 1.0.5 • 2 months agopublished 1.0.5 2 months ago

@appthreat/cdxgen-plugins-bin

Binary plugins to supercharge @appthreat/cdxgen npm package

• cdxgen
• sbom
• bom
• plugins
• dependency
• appsec

prabhus

published 1.0.0 • 2 months agopublished 1.0.0 2 months ago

@dependency-track/bom

Upload Bill-of-Materials (BOM) to dependency track

• sbom
• bom
• inventory
• spdx
• package-url
• purl
• owasp
• component
• dependency
• appsec
• scrm
• dependency-track

engcpp

published 1.0.2 • 3 years agopublished 1.0.2 3 years ago

pnpm-cdx

Generate a CycloneDX SBOM from a PNPM Node.js project.

• SBOM
• SPDX
• cyclonedx
• BOM

benbenbenbenbenben

published 1.0.3 • 6 months agopublished 1.0.3 6 months ago

@soos-io/sample-project-node-package-fetch

SOOS ( https://soos.io ) is an independent software security company, located in Winooski, VT USA, building security software for your team. Used for testing purposes, this tool is an example of fetching package information from SOOS.

• soos
• sca
• @soos-io
• package
• sample
• project
• example
• vulnerabilities
• licenses
• sbom
• governance
• dast
• open source
• oss

soosintegrations

published 1.0.1 • 2 months agopublished 1.0.1 2 months ago

@soos-io/sample-project-node-license-fetch

SOOS ( https://soos.io ) is an independent software security company, located in Winooski, VT USA, building security software for your team. Used for testing purposes, this tool is an example of fetching software license information from SOOS.

• soos
• sca
• spdx
• license
• @soos-io
• cve
• vulnerability
• vulnerabilities
• licenses
• sbom
• governance
• dast
• open source
• oss

soosintegrations

published 1.0.0 • 2 months agopublished 1.0.0 2 months ago

@soos-io/sample-project-node-vulnerability-fetch

SOOS ( https://soos.io ) is an independent software security company, located in Winooski, VT USA, building security software for your team. Used for testing purposes, this tool is an example of fetching vulnerability information from SOOS.

• soos
• sca
• @soos-io
• cve
• vulnerability
• vulnerabilities
• licenses
• sbom
• governance
• dast
• open source
• oss

soosintegrations

published 1.0.0 • 2 months agopublished 1.0.0 2 months ago

@ngcloudsec/cdxgen-plugins-bin

Binary plugins for @appthreat/cdxgen npm package

• cdxgen
• sbom
• bom
• plugins
• dependency
• appsec

prabhus

published 0.3.0 • 4 months agopublished 0.3.0 4 months ago

add-vulnerabilities-to-bom

Adds known vulnerabilities to BOM

• cyclonedx
• bom
• sbom
• bill of materials
• software bill of materials
• software bom
• audit
• vulnerabilities
• vulnerability

kabo

published 0.0.3 • a year agopublished 0.0.3 a year ago

@amithkk/spdx-merge

Tools for merging SPDX Documents

• SBOM

amithkk

published 1.0.2 • 8 months agopublished 1.0.2 8 months ago