donald-pinckney / npm-follower

Related projects ⓘ

Alternatives and complementary repositories for npm-follower

• Persper / js-callgraph
  Construct approximate static call graph for JavaScript & Typescript
  ☆182Updated last year
• LeoDog896 / npm-rank
  get popular npm packages
  ☆32Updated 6 months ago
• nuprl / augur
  Performant taint analysis for Node.js
  ☆49Updated 3 months ago
• Haiyang-Sun / nodeprof.js
  Instrumentation framework for Node.js compliant to ECMAScript 2020 based on GraalVM.
  ☆53Updated 2 months ago
• CodeIntelligenceTesting / jazzer.js
  Coverage-guided, in-process fuzzing for Node.js
  ☆289Updated 5 months ago
• mariusschulz / styx
  Derives a control flow graph from a JavaScript AST.
  ☆62Updated 3 years ago
• coderabbitai / ast-grep-essentials
  Community-led collection of essential ast-grep rules.
  ☆15Updated this week
• IBM / tree-sitter-codeviews
  Extract and combine multiple source code views using tree-sitter
  ☆110Updated 5 months ago
• uw-pluverse / perses
  language-agnostic program reducer.
  ☆170Updated 10 months ago
• nvuillam / github-dependents-info
  Collect information about dependencies between a github repo and other repositories. Results available in JSON, markdown and badge
  ☆119Updated last week
• cristianstaicu / SecBench.js
  ☆28Updated last month
• osssanitizer / maloss
  Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages
  ☆122Updated 2 years ago
• Invizory / taintflow
  TaintFlow, a framework for JavaScript dynamic information flow analysis.
  ☆17Updated last year
• ossf / package-feeds
  Feed parsing for language package manager updates
  ☆71Updated this week
• microsoft / sarif-vscode-extension
  SARIF Microsoft Visual Studio Code extension
  ☆111Updated last month
• velut / query-registry
  Query the npm registry for metadata, package documents, manifests, download counts and other data.
  ☆31Updated 3 weeks ago
• cs-au-dk / jelly
  JavaScript/TypeScript static analyzer for call graph construction, library usage pattern matching, and vulnerability exposure analysis
  ☆327Updated 2 months ago
• assuremoss / lastpymile
  A reimplementation of LastPyMile: A Python-based library to Identify the differences between build artifacts of PyPI packages and the res…
  ☆15Updated 2 years ago
• Aurore54F / DoubleX
  Statically Detecting Vulnerable Data Flows in Browser Extensions at Scale
  ☆67Updated 3 years ago
• githubnext / amalfi-artifact
  Artifact accompanying our ICSE '22 paper "Practical Automated Detection of Malicious npm Packages"
  ☆39Updated 2 years ago
• IQTLabs / software-supply-chain-compromises
  A dataset of software supply chain compromises. Please help us maintain it!
  ☆126Updated 2 years ago
• snyk / nodejs-lockfile-parser
  Generate a Snyk dependency tree from package-lock.json or yarn.lock file
  ☆62Updated last week
• wala / JS_WALA
  WALA analyses and tools that are implemented in JavaScript
  ☆82Updated 8 years ago
• sourcegraph / scip-typescript
  SCIP indexer for TypeScript and JavaScript
  ☆48Updated this week
• sola-st / WasmBench
  A large dataset of real-world WebAssembly binaries, collected from the Web, GitHub, NPM and other sources. Useful as test data, to study …
  ☆53Updated 2 years ago
• ecomfe / gitdiff-parser
  A fast and reliable git diff parser.
  ☆64Updated last year
• SAP / risk-explorer-for-software-supply-chains
  A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…
  ☆71Updated 3 weeks ago
• julianjensen / ast-flow-graph
  Creates a CFG from JavaScript source code.
  ☆66Updated 2 months ago
• LavaMoat / snow
  Use Snow to finally secure your web app's same origin realms!
  ☆105Updated 3 weeks ago
• wala / jsdelta
  A delta debugger for JavaScript
  ☆51Updated 2 years ago