scanner
Scanning GitHub organization and repository
My long-term idea is to expand Tree-walker and possibly Scanner to handle GitHub repositories and organizations. The first version of NodeSecure was originally capable of this: Dependency-Analyser.
This expansion would also allow us to replace or improve code in the report, such as in this example: fetch.ts.
We can design this API step by step. My idea right now for a first API would be:
- Fetching a GitHub org's repositories (see https://github.com/dashlog/fetch-github-repositories).
- Fetching first-level dependencies in the package.json for each of them (we can use pacote with a GitHub resolver).
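
As an added illustration (not NodeSecure code and not part of the original proposal), the sketch below shows the aggregation the two steps lead to: given each repository's package.json, collect the first-level dependencies into one org-wide inventory. The function names, the input shape and the sample repositories are hypothetical, and the fetching itself is assumed to happen elsewhere.

```javascript
"use strict";

// Constructed sample input: what listing an org's repositories plus one
// package.json fetch per repository could yield. null = no package.json.
const sampleRepos = [
  { fullName: "example-org/api", manifest: {
    dependencies: { kleur: "^4.1.5", "internal-lib": "github:example-org/internal-lib#main" },
    devDependencies: { c8: "^8.0.0" } } },
  { fullName: "example-org/cli", manifest: { dependencies: { kleur: "^4.0.0" } } },
  { fullName: "example-org/docs", manifest: null }
];

const FIELDS = ["dependencies", "devDependencies", "optionalDependencies", "peerDependencies"];
// Heuristic (assumption): specs that bypass the registry, i.e. git/URL/local
// sources or the "user/repo" GitHub shorthand. These deserve a closer look.
const NON_REGISTRY = /^(git\+|git:|github:|https?:|file:|link:|workspace:)|^[\w.-]+\/[\w.-]+(#.*)?$/;

// First-level dependencies declared in one package.json object.
function firstLevelDependencies(manifest) {
  const found = [];
  for (const field of FIELDS) {
    for (const [name, spec] of Object.entries(manifest[field] ?? {})) {
      found.push({ name, spec, field, registry: !NON_REGISTRY.test(spec) });
    }
  }
  return found;
}

// Org-wide inventory: dependency name -> specs seen and repositories using it.
function inventoryOrg(repos) {
  const packages = new Map();
  const skipped = []; // repositories without a package.json
  for (const { fullName, manifest } of repos) {
    if (!manifest) { skipped.push(fullName); continue; }
    for (const dep of firstLevelDependencies(manifest)) {
      const entry = packages.get(dep.name) ??
        { specs: new Set(), usedBy: new Set(), registry: true };
      entry.specs.add(dep.spec);
      entry.usedBy.add(fullName);
      entry.registry = entry.registry && dep.registry;
      packages.set(dep.name, entry);
    }
  }
  return { packages, skipped };
}
```

Calling `inventoryOrg(sampleRepos)` shows which packages are shared across repositories, where version ranges diverge, and which dependencies are pulled from somewhere other than the registry.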