Skip to content
/ nodep Public

A tool for check available dependency packages across npmjs, PyPI or RubyGems registry.

License

MIT license
28 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

dwisiswant0/nodep

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
.github
.github
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
check.go
check.go
 
 
client.go
client.go
 
 
main.go
main.go
 
 
options.go
options.go
 
 
util.go
util.go
 
 
validate.go
validate.go
 
 
vars.go
vars.go
 
 

Repository files navigation

nodep — check available dependency packages across npmjs, PyPI or RubyGems registry.

Installation (with Go):
$ go get -u github.com/dwisiswant0/nodep

Or download pre-built binary from releases page (https://github.com/dwisiswant0/nodep/releases/latest).

Usage of nodep:
  nodep <registry> <package_name/dependencies.txt>

Available registry options:
  - npm (npmjs)
  - pip (PyPI)
  - gem (RubyGems)

Examples:
  nodep pip reqeusts
  nodep npm package.txt

Supporting Materials:
- Birsan, Alex. “Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies.” Medium, February 9, 2021, https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610.
- Tschacher, Nikolai. “Typosquatting Programming Language Package Managers.” incolumitas.com, June 8, 2016, https://incolumitas.com/2016/06/08/typosquatting-package-managers/.

About

A tool for check available dependency packages across npmjs, PyPI or RubyGems registry.

Topics

go golang npm rubygems gem pypi pip bugbounty npmjs bugbounty-tool

Resources

Readme

License

MIT license
Activity

Stars

28 stars

Watchers

2 watching

Forks

3 forks
Report repository

Releases 1

v0.0.1 Latest
Feb 10, 2021

Sponsor this project

  •  
Learn more about GitHub Sponsors

Packages

No packages published

Languages