OSS Index Helpclose
An open index of open source

Tools

DevAudit v1.0.0

Posted by OSS-Index on February 20, 2016

Identify known vulnerabilities in a variety of Windows package formats, to not only find development package vulnerabilities, but also those in installed programs. It will support:

  • MSI: Programs installed through standard Microsoft Installers
  • Chocolatey: Chocolatey, somewhat like apt-get, but built with Windows in mind.
  • OneGet (PackageManagement): Unified interface to package management systems
  • NuGet: the package manager for the Microsoft development platform
  • Bower: A package management system for client-side programming on the World Wide Web.

More details...

Audit.NET

Posted by OSS-Index on February 14, 2016

Audit.NET is a Visual Studio extension that highlights NuGet package dependencies with security vulnerabilities.

See the Visual Studio Gallery for extension information.

See Github for installation and usage instructions.

ossindex-maven-plugin

Posted by OSS-Index on November 2, 2015

The ossindex-maven-plugin is a Maven Plugin that performs a build-time audit to identify known vulnerabilities and maintenance problems.

See Github for usage instructions.

AuditJS

Posted by OSS-Index on September 20, 2015

Audit dependencies to identify known vulnerabilities and maintenance problems.

Audits an NPM project using the OSS Index REST API to identify known vulnerabilities and outdated package versions.

Git: https://github.com/OSSIndex/auditjs
Npm: https://www.npmjs.com/package/auditjs

AuditJS Screenshot