Fork me on GitHub
Sean Poulter20:08:11

What tools do folks use to scan their ClojureScript projects for security vulnerabilities and CVEs? I haven’t found any off-the-shelf tools in a quick search online.

Sean Poulter20:08:50

I’ve found but we’re using deps.edn. :thinking_face:


Are you using Maven as a build tool? Or a deps-based build tool?


😅 I just realized which channel I am in


I was going to recommend the NVD plugin for Maven, but that probably doesn't apply to your project

👍 3
Sean Poulter20:08:51

Thanks for both suggestions. I hadn’t found that last page. 😀


You can generare a POM and run java stuff on it. Same for npm deps

👍 3
Sean Poulter22:09:21

Thanks @U2J4FRT2T! We'll have a look at that.