Skip to main content
Name:retire-js
Category:Static Code Analysis
Publisher:trickest
Created:6/23/2021
Container:quay.io/trickest/retire:v5.3.0
Output Type:
License:Unknown

Parameters

ext
string
--extComma separated list of file extensions for JavaScript files. The default is js
deep
boolean
--deepDeep scan (slower and experimental)
path
folder
required
--pathFolder to scan for javascript files
proxy
string
--proxyProxy url (http://some.host:8080)
cacert
file
--cacertUse the specified certificate file to verify the peer used for fetching remote jsrepo/noderepo files
colors
boolean
--colorsEnable color output (console output only)
ignore
string
--ignoreComma delimited list of paths to ignore
jsrepo
string
--jsrepoLocal or internal version of repo. Can be multiple comma separated. Default: 'central')
nocache
boolean
--nocacheDon't use local cache
verbose
boolean
--verboseShow identified files (by default only vulnerable files are shown)
insecure
boolean
--insecureEnable fetching remote jsrepo/noderepo files from hosts using an insecure or self-signed SSL (TLS) certificate
severity
string
--severitySpecify the bug severity level from which the process fails. Allowed levels none, low, medium, high, critical. Default: none
ignorefile
file
--ignorefileCustom ignore file, defaults to .retireignore / .retireignore.json
includeOsv
boolean
--includeOsvInclude OSV advisories in the output
outputformat
string
--outputformatValid formats: text, json, jsonsimple, depcheck (experimental), cyclonedx, cyclonedxJSON, cyclonedxJSON1_6, cyclonedxJSON1_6_VEX