vile-retire 
A Vile plugin for identifying vulnerabilities in your JavaScript libraries (via RetireJS).
Requirements
Installation
npm i -D vile retire vile-retire
Config
The config is one to one with (most of) retire's -- style CLI options.
Example:
retire: config: package: true node: true js: true dropexternal: true nocache: true jspath: "sompath" nodepath: "somepath" path: "somepath" jsrepo: "..." noderepo: "..." proxy: "http://..." ignorefile: "somepath/.retireignore"Ignoring Files
Since RetireJS actually might want to scan some directories you would
otherwise ignore, such as node_modules, you can only configure that
as part of the config section:
retire: config: ignore: - one - twoThis list will be mapped to the --ignore option.
You can also use .retireignore as the retire CLI will pick it up.
Allowing Files
With what this plugin offers, the allow list is not really needed.
Try the --path|nodepath|jspath config options, if need be.
Versioning
This project uses Semver.
Licensing
This project is licensed under the MPL-2.0 license.
Any contributions made to this project are made under the current license.
Contributions
Current list of Contributors.
Any contributions are welcome and appreciated!
All you need to do is submit a Pull Request.
- Please consider tests and code quality before submitting.
- Please try to keep commits clean, atomic and well explained (for others).
Issues
Current issue tracker is on GitHub.
Even if you are uncomfortable with code, an issue or question is welcome.
Code Of Conduct
By participating in this project you agree to our Code of Conduct.
Maintainers
- Brent Lintner - @brentlintner
Architecture
This project is currently written in JavaScript. RetireJS provides a JSON CLI output that is currently used until a more ideal IPC option is implemented.
binhouses any shell based scriptssrcis es6+ syntax compiled with Babellibgenerated js library
Developing
cd vile-retire
npm install
npm install retire
npm run dev
npm test