WebExtension to expose VS Code Extension Vulncost by Snyk for browsing.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
André Jaenisch 8be3396c58
Merge pull request #3 from Ryuno-Ki/renovate/rollup-plugin-commonjs-13.x
2 years ago
src Use global browser instead of import 2 years ago
test Port to Chrome 3 years ago
.babelrc Cover background with tests 3 years ago
.gitignore Set up docs 3 years ago
.jsdoc.config.json Set up docs 3 years ago
.nycrc Cover background with tests 3 years ago
LICENSE.txt Minimal Working Example 3 years ago
README.md Spice up README.md 3 years ago
package-lock.json Update dependency @rollup/plugin-commonjs to v13.0.2 2 years ago
package.json Update dependency @rollup/plugin-commonjs to v13.0.2 2 years ago
renovate.json Add renovate.json 3 years ago
rollup.config.js Copy browser-polyfill with rollup, update manifest and modal.html accordingly 2 years ago

README.md

webext-snyk-vulncost

Unofficial web extension to check packages on vulnerabilities. Runs in Firefox, Chrome and Opera (and likely more web browsers) on desktop.

SNYK logo

Installation

Clone this repository, then install the dependencies with npm i.

Running

npm start will start a Firefox instance with the extension loaded. For other browsers, you will need to load the dist/manifest.json manually.

Testing

npm test will execute the mocha test suite. Due to the use of proxyquire a code coverage report cannot be generated for now.

TODOs

This extension will recognise if you are browsing a package.json on GitHub and offer you to scan the (dev)Dependencies for known vulnerabilities. It is also planned to allow the check when looking at a single JS(X) or TS(x) file. The agenda includes a check on NPM registry websites as well.

LICENSE

MIT. Check LICENSE for details.