search

RetireJS / retire.js

scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.
https://retirejs.github.io/retire.js/
Other
3.66k stars 413 forks source link

Upstream code from third party maintained browser plugins #428

Open eloydegen opened 7 months ago

eloydegen commented 7 months ago

Hi! I noticed that in the README.md it is stated that the Firefox plugin is deprecated. However, there is a plugin in the Mozilla addon store: https://addons.mozilla.org/en-US/firefox/addon/retire-js/

Is the codebase for this plugin unrelated to (specifically: Firefox plugin code) this repository? It was updated 18 days ago, that is surely not unmaintained. If the codebase is unrelated, I could contact the developer by e-mail to try having the code upstream here. I could not identify their GitHub account if they have one. It would be nice if we could automate some development and push releases automatically from here.

eoftedal commented 7 months ago

Neither the Firefox plugin nor the chrome plugins are published in the stores. I know someone else have done it, but I don't know who, and they are not affiliated directly with retire.js

eoftedal commented 7 months ago

I have contacted the authors of the plugins to see if we can move them over to the official repo

eoftedal commented 7 months ago

The person behind the Firefox plugin got back to me with the code. The Chrome plugin dev did not respond.