Easy auditing tool
Audits NPM, Yarn, and PNPM projects in CI environments
Verdaccio Middleware plugin to bypass npmjs audit
Run Lighthouse and Pa11y audits directly in Cypress test suites
Given a response from the npm security api, render it into a variety of security reports
Security & License Compliance For Your App's Dependencies 🪱
Generate an HTML report for CODEOWNERS ownership gaps and run in CI or from the CLI to fail when files are not covered.
Reshape into a better npm audit for the community and encourage more people to include security audit into their process.
Core modules for audit-resolve.json file and logic of its processing
The missing `yarn audit fix`
Aids humans and automation in managing npm audit results
A wrapper around yarn audit that fixes many issues
Provides audit logging functionalities for Node.js applications
Client-side Bitcoin JavaScript library
OCI NodeJS client for Audit Service
A tool for working with CODEOWNERS files
Local provider for strapi audit logs
Descope audit management widget
parse SPDX license expressions
Simple, pluggable, zero-dependency, GraphQL over HTTP spec compliant server, client and audit suite.
A diagnostic tool for rush build cache
AWS SDK for JavaScript Auditmanager Client for Node.js, Browser and React Native
Generate an HTML report for NPM Audit
Fluentd plugin to transform go-audit log and make it easy to be handled by modern log aggregators.
Audit model events like update/create/delete + attribute changes + group them by transaction, in normalized table layout for easy query access.
Logstash implementation of SOAR architecture auditing allowing easy publishing of events to a centralized logstash collection engine
Log4r implementation of SOAR architecture auditing allowing easy publishing of events to stdout and a local logfile
IO stream implementation of SOAR architecture auditing allowing easy publishing of events to a standard IO stream (e.g. stderr)
True/False fields have a great simplicity about them, and many times they're perfect for the job! But it's not uncommon to end up in a place where you'd really love to keep some degree of simplicity with a little more detail about when the value was changed. Sometimes you'll want to display that information to the user and other times you'll keep it for auditing or debugging purposes. Either way, boolean_timestamp makes the job easy from the beginning and adds very little code to your app.
Enigma is a lightweight Ruby gem designed to verify passwords hashed using Firebase's custom scrypt-based algorithm, making it ideal for seamless integrations and migrations involving Firebase authentication systems. It provides a secure, efficient way to compare a user-provided password against a stored hash without exposing sensitive details, ensuring constant-time comparisons to mitigate timing attacks.

Key features include:
- Full compatibility with Firebase Authentication's password hashing logic, combining scrypt with AES-256-CTR encryption for signing.
- Configurable parameters for scrypt (rounds, memory cost), signer keys, and salt separators.
- Secure practices using OpenSSL's fixed-length comparisons.
- Support for custom logging, with easy integration into Rails or other frameworks.
- Minimal dependencies, relying on the 'scrypt' gem alongside Ruby's standard library.

A common use case is migrating users from Firebase to systems like Devise in Ruby on Rails. During migration, extract the user's base64-encoded salt and stored hash from Firebase, then use Enigma to verify the input password. If it matches, set the raw password in Devise to generate a new hash, avoiding forced resets and ensuring a smooth transition. Whether for custom auth systems, password audits, or hybrid setups, Enigma simplifies secure verification while prioritizing ease of use.
No description provided.