@RetireJS profile picture
retire.js @RetireJS

Free open source scanner for detecting use of JavaScript libraries with known vulnerabilities

Joined February 2014
  • Tweets 71
  • Following 25
  • Followers 530
4 Photos and videos
retire.js retweeted
Robert Sösemann@rsoesemann
14 Oct 2022
Finally! Prime Time for the Salesforce Code Analyser This security checker wraps and harmonizes proven Open-Source like @pmd_analyzer, @geteslint, and @RetireJS. To bring them on par with commercial offerings Salesforce added a flexible Data Flow engine. developer.salesforce.com/blo…

5
10
32
retire.js@RetireJS
8 Aug 2022
Our name got a new meaning: devclass.com/2022/08/04/reti…

'The best thing we can do today to JavaScript is to retire it,' says JSON creator Douglas Crockford

Best thing we can do to JavaScript is retire it: JSON creator Douglas Crockford

devclass.com
1
2
retire.js@RetireJS
5 Aug 2022
What severity should we put on a library being End-of-Life? Low? Medium? github.com/RetireJS/retire.j…

Add AngularJS EoL? · Issue #385 · RetireJS/retire.js

Retire.js version: (retire --version): N/A current jsrepository node version: (node --version): N/A Type: Question Description: AngularJS is end of life, per: https://docs.angularjs.org/misc/versio...

github.com
1
5
4
retire.js retweeted
Erlend Oftedal@webtonull
21 May 2021
The nodejs scanner part of retire.js is now deprecated. Will try to keep the frontend javascript scanner working, but with npm audit having so much higher quality, deprecating the node bit seems like the most responsible choice: github.com/RetireJS/retire.j…
2
8
retire.js@RetireJS
12 May 2018
npm 6 is pretty awesome! This is output from npm install
1
12
19
retire.js@RetireJS
23 Apr 2018
npm 6 will have built-in dependency auditing! This is great! It also means we will most likely deprecate the node.js scanning capability of retire.js and focus on client side libraries only. github.com/npm/npm/releases/…

Release v6.0.0-next.2 · npm/npm

This release became 6.0.0

github.com
1
6
9
retire.js@RetireJS
13 May 2016
Someone made a python command line scanner of retire.js. Scan a site from the CLI: github.com/FallibleInc/retir…

GitHub - FallibleInc/retirejslib: Scan for vulnerabilities in JavaScript libraries you use (Python...

Scan for vulnerabilities in JavaScript libraries you use (Python port of retirejs) - FallibleInc/retirejslib

github.com
1
7
14
retire.js retweeted
Erlend Oftedal@webtonull
12 May 2016
Retire.js made the front page news today here in Norway. Lots of govt web sites using vulnerable #js libs: nrk.no/dokumentar/offentlige…

Offentlige nettsteder kan brukes til å svindle eller angripe deg

Utdatert og sårbar kode på offentlige nettsteder gjør at ondsinnede aktører i verste fall kan svindle og lure deg med nettadresser du stoler på. Blir du lurt med en adresse fra det offentlige kan de...

nrk.no
7
8
retire.js retweeted
Matt Johnson-Pint@mattjohnsonpint
3 Feb 2016
Hey #JavaScript developers. Using moment.js? We've plugged a potential security hole. Please update to 2.11.2. Thanks!
2
48
32
retire.js@RetireJS
6 Jan 2016
"Top15 security predictions 2016 Ghosts of Internet Past ...old and broken JS versions that invite compromise..." infoworld.com/article/301595…
2
retire.js retweeted
Javascript Digest@nodenow
26 Nov 2015
"Securing Your Node.js App" #javascript #nodejs stackabuse.com/securing-your…
3
8
retire.js@RetireJS
29 Oct 2015
Exciting stuff from @LiftSecurity : blog.liftsecurity.io/2015/10…
1
retire.js@RetireJS
29 Oct 2015
Current record from a scan: 6 different versions of jQuery loaded on the same page
1
retire.js retweeted
André N. Klingsheim
@klingsen
28 Oct 2015
Go check your site for vulnerable JS libs here: retire.insecurity.today/ #siksym15
16
14
retire.js@RetireJS
22 Oct 2015
Thanks to @Jhaddix for mentioning Retire.js in his talk at HouSecCon 6: youtube.com/watch?v=ebqbmPR1…

t303 How to Shot Web Better Hacking in 2015 Jason Haddix

These are the videos from HouSecCon 6 (2015):http://www.irongeek.c...

youtube.com
retire.js retweeted
Kadir Yılmaz@kadiryilmaz
29 Sep 2015
Retire.js ile Javascript Kütüphanelerinizin Güvenliğini Kontrol Edin devnot.com/2015/retire-js-il…

1
1
retire.js@RetireJS
8 Oct 2015
Could really use help in going through release notes of these WYSIWYG editors to look for vulnerabilities: github.com/RetireJS/retire.j… #js
retire.js retweeted
Kim Carter@binarymist
18 Sep 2015
Not using @RetireJS? You should be blog.liftsecurity.io/2014/11… #javascript #nodejs #besafe
4
2
retire.js retweeted
Marc Rogers
@marcwrogers
7 Aug 2015
Well played @TeslaMotors well played.
4
19
21
retire.js retweeted
Node.js
@nodejs
4 Jul 2015
Important security release for Node.js v0.12 will be available shortly, please upgrade. v0.10.x is not impacted. Sorry for the short notice.
3
281
128
Load more