scanner icon indicating copy to clipboard operation
scanner copied to clipboard
verified publisher icon NodeSecure

Scanning Github organization and repository

Open fraxken opened this issue 1 year ago • 1 comments

My long-term idea is to expand Tree-walker and possibly Scanner to handle GitHub repositories and organizations. The first version of NodeSecure was originally capable of this: Dependency-Analyser.

This expansion would also allow us to replace or improve code in the report, such as in this example: fetch.ts.

fraxken avatar Aug 18 '24 15:08 fraxken

We can design this API step by step. My idea right now for a first API would be:

  • Fetching a GitHub org repositories (see https://github.com/dashlog/fetch-github-repositories).
  • Fetch first level dependencies in the package.json for each of them (we can use pacote with a github resolver)

fraxken avatar Jul 04 '25 22:07 fraxken