stackoom
  简体   繁体   中英

How to check vulnerabilities of a third-party library use in a React JS app?

 原文  2020-08-05 14:19:51       javascript/ reactjs/ npm/ sonarqube

Question

I have a create-react-app and I add some scripts to use a third-party library how can I check if those libraries have vulnerabilities?

1 answers

solution1
 2  2020-08-05 14:22:13

You could use npm run audit . It is a security audit command, which will alert you of any found vulnerabilities - in your node_modules , package.lock & package.json (You can choose from many flags in that command)

Read more about it here

If you are injecting with <script> tag itself, I would recommend trying to find the npm module for it and installing it that way, so you can keep track of everything at once with npm run audit . If that is not the case, I suppose you could find a vulnerability scanner on google, but I am not so familiar with them to write on their accuracy.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to use third-party library (gridstack.js) with Typescript and React It is possible to import a third-party js file in react app? How to capture third-party JS library DOM changes using React? How to use stencil with third-party css library How to use third party extension in react app? Extend vue.js component from third-party library How to access properties of objects from a third-party DOM library used in a React component from the outside How to read PDF files with Node.js without using third-party library? Import third-party JavaScript library that normally self-executes into React app (using create-react-app) Use third-party embed code in a React component
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM