@nodesecure/tree-walker@2.0.0

Major Changes

• #554 3c32fb6 Thanks @clemgbld! - feat(scanner): add manifest integrity of root dependency in payload

Minor Changes

• #554 3c32fb6 Thanks @clemgbld! - feat(scanner): add manifest integrity of root dependency in payload

Patch Changes

• #555 1ecbe92 Thanks @fraxken! - Properly walk NPM tree using arborist with package-lock.json or node_modules when using the CWD().

@nodesecure/tarball@2.3.0

Minor Changes

• #548 d555469 Thanks @fraxken! - Customize JS-X-Ray behavior/options when running the scan. Use it to enable optionalWarnings when the scan run localy.

Patch Changes

• #557 914132b Thanks @fraxken! - Add missing Node.js core builtins module

@nodesecure/scanner@8.1.0

Minor Changes

• #569 1e2d654 Thanks @fraxken! - Add a standalone export for extractors (for usage such as web imports)

Patch Changes

• #567 8a7d42b Thanks @fraxken! - Fix an issue with the monorepo build command. Now each workspace build script is executed in CI and before publishing.

@nodesecure/scanner@8.0.0

Major Changes

• #554 3c32fb6 Thanks @clemgbld! - feat(scanner): add manifest integrity of root dependency in payload

• #565 62464a4 Thanks @fraxken! - Move payload integrity into rootDependency

• #563 c009145 Thanks @fraxken! - Refactor payload rootDependency to include name and version

Minor Changes

• #564 c91b2c6 Thanks @fraxken! - Add a new metadata property in the scanner payload

• #554 3c32fb6 Thanks @clemgbld! - feat(scanner): add manifest integrity of root dependency in payload

• #556 14cc3cd Thanks @fraxken! - Update scanner API documentation & add FromOptions interface to match CwdOptions

• #562 dbc2562 Thanks @ErwanRaulo! - feat(extractor): Extends eventTarget instead of eventEmitter for browser compatibility

• #548 d555469 Thanks @fraxken! - Customize JS-X-Ray behavior/options when running the scan. Use it to enable optionalWarnings when the scan run localy.

• #560 3b653ee Thanks @clemgbld! - feat(depWalker): do not add integrity to payload in cwd for workspace

Patch Changes

• #555 1ecbe92 Thanks @fraxken! - Properly walk NPM tree using arborist with package-lock.json or node_modules when using the CWD().

• Updated dependencies [3c32fb6, 3c32fb6, d555469, 914132b, 1ecbe92]:

  • @nodesecure/tree-walker@2.0.0
  • @nodesecure/tarball@2.3.0

@nodesecure/scanner@7.2.0

Minor Changes

• #544 281c720 Thanks @clemgbld! - feat(scanner): add npm token based on registry for sdk calls

• #542 49c5bbb Thanks @fraxken! - Improve type-squatting global-warning by removing it on remote scan and also when there is to much similar packages

@nodesecure/tarball@2.2.0

Minor Changes

• #526 02f111e Thanks @fraxken! - Export custom warnings for the web platform

Patch Changes

• Updated dependencies [b989ceb]:
  • @nodesecure/conformance@1.2.0

@nodesecure/scanner@7.1.0

Minor Changes

• #535 746c0fd Thanks @clemgbld! - feat(scanner): implement dependency confusion detection

• #540 6105c7f Thanks @clemgbld! - feat(scanner): add dependency warning only when getting a 404 from the public npm registry

• #541 dadb7fb Thanks @fraxken! - Keep NPM provenance (attestations) in Dependency version

Patch Changes

• Updated dependencies [02f111e, b989ceb]:
  • @nodesecure/tarball@2.2.0
  • @nodesecure/conformance@1.2.0

@nodesecure/gitlab@2.1.0

Minor Changes

• #530 b989ceb Thanks @clemgbld! - chore(httpie): move from @myunisoft/httpie to @openally/httpie

@nodesecure/github@2.1.0

Minor Changes

• #530 b989ceb Thanks @clemgbld! - chore(httpie): move from @myunisoft/httpie to @openally/httpie

@nodesecure/conformance@1.2.0

Minor Changes

• #530 b989ceb Thanks @clemgbld! - chore(httpie): move from @myunisoft/httpie to @openally/httpie