OWASP dependency check #193

Description

@gnespolino

Expected: add the OWASP dependency check plugin to package.json

```json
  "scripts": {
    ...
    "owasp": "owasp-dependency-check --project \"YOUR PROJECT NAME\" -f HTML JSON",
    ...
  },
```

Current output:

| Dependency | Vulnerability IDs | Package | Highest Severity | CVE Count | Confidence | Evidence Count |
|---|---|---|---|---|---|---|
| async:0.2.10 | cpe:2.3:a:async_project:async:0.2.10:::::::* | pkg:npm/async@0.2.10 | HIGH | 1 | Highest | 7 |
| async:0.9.2 | cpe:2.3:a:async_project:async:0.9.2:::::::* | pkg:npm/async@0.9.2 | HIGH | 1 | Highest | 7 |
| async:1.5.2 | cpe:2.3:a:async_project:async:1.5.2:::::::* | pkg:npm/async@1.5.2 | HIGH | 1 | Highest | 7 |
| braces:0.1.5 | cpe:2.3:a:braces_project:braces:0.1.5:::::::* | pkg:npm/braces@0.1.5 | MEDIUM | 3 | Highest | 9 |
| braces:1.8.5 | cpe:2.3:a:braces_project:braces:1.8.5:::::::* | pkg:npm/braces@1.8.5 | MEDIUM | 1 | Highest | 8 |
| browserslist:1.7.7 | cpe:2.3:a:browserslist_project:browserslist:1.7.7:::::::* | pkg:npm/browserslist@1.7.7 | MEDIUM | 1 | Highest | 6 |
| color-string:0.3.0 | cpe:2.3:a:color-string_project:color-string:0.3.0:::::::* | pkg:npm/color-string@0.3.0 | MEDIUM | 2 | Highest | 6 |
| debug:2.2.0 | cpe:2.3:a:debug_project:debug:2.2.0:::::::* | pkg:npm/debug@2.2.0 | MEDIUM | 1 | Highest | 6 |
| debug:2.3.3 | cpe:2.3:a:debug_project:debug:2.3.3:::::::* | pkg:npm/debug@2.3.3 | MEDIUM | 2 | Highest | 6 |
| engine.io:1.8.3 | cpe:2.3:a:socket:engine.io:1.8.3:::::::* | pkg:npm/engine.io@1.8.3 | HIGH | 2 | Highest | 7 |
| faye-websocket:0.10.0 | cpe:2.3:a:faye-websocket_project:faye-websocket:0.10.0:::::::* | pkg:npm/faye-websocket@0.10.0 | HIGH | 1 | Highest | 8 |
| getobject:0.1.0 | cpe:2.3:a:getobject_project:getobject:0.1.0:::::::* | pkg:npm/getobject@0.1.0 | CRITICAL | 2 | Highest | 9 |
| glob-parent:2.0.0 |  | pkg:npm/glob-parent@2.0.0 | HIGH | 2 |  | 8 |
| grunt-cli:1.4.3 | cpe:2.3:a:gruntcli_project:gruntcli:1.4.3:::::::* | pkg:npm/grunt-cli@1.4.3 | HIGH | 1 | Low | 6 |
| grunt-karma:2.0.0 |  | pkg:npm/grunt-karma@2.0.0 | HIGH | 1 |  | 6 |
| is-svg:2.1.0 | cpe:2.3:a:is-svg_project:is-svg:2.1.0:::::::* | pkg:npm/is-svg@2.1.0 | HIGH | 4 | Highest | 8 |
| js-yaml:3.7.0 | cpe:2.3:a:js-yaml_project:js-yaml:3.7.0:::::::* | pkg:npm/js-yaml@3.7.0 | high | 2 | Highest | 7 |
| karma:1.7.1 | cpe:2.3:a:karma_project:karma:1.7.1:::::::* | pkg:npm/karma@1.7.1 | MEDIUM | 4 | Highest | 8 |
| loader-utils:0.2.17 |  | pkg:npm/loader-utils@0.2.17 | HIGH | 1 |  | 6 |
| loader-utils:1.4.0 |  | pkg:npm/loader-utils@1.4.0 | HIGH | 1 |  | 6 |
| lodash:3.10.1 | cpe:2.3:a:lodash:lodash:3.10.1:::::::* | pkg:npm/lodash@3.10.1 | CRITICAL | 14 | Highest | 7 |
| log4js:0.6.38 | cpe:2.3:a:log4js_project:log4js:0.6.38:::::::* | pkg:npm/log4js@0.6.38 | MEDIUM | 2 | Highest | 7 |
| minimist:0.0.10 | cpe:2.3:a:substack:minimist:0.0.10:::::::* | pkg:npm/minimist@0.0.10 | CRITICAL | 4 | Highest | 9 |
| open:0.0.5 |  | pkg:npm/open@0.0.5 | critical | 1 |  | 8 |
| parsejson:0.0.3 | cpe:2.3:a:parsejson_project:parsejson:0.0.3:::::::* | pkg:npm/parsejson@0.0.3 | HIGH | 2 | Highest | 7 |
| postcss:5.2.18 | cpe:2.3:a:postcss:postcss:5.2.18:::::::* | pkg:npm/postcss@5.2.18 | HIGH | 3 | Highest | 7 |
| postcss:6.0.23 | cpe:2.3:a:postcss:postcss:6.0.23:::::::* | pkg:npm/postcss@6.0.23 | HIGH | 2 | Highest | 7 |
| serialize-javascript:1.9.1 |  | pkg:npm/serialize-javascript@1.9.1 | high | 4 |  | 8 |
| shelljs:0.3.0 | cpe:2.3:a:shelljs_project:shelljs:0.3.0:::::::* | pkg:npm/shelljs@0.3.0 | HIGH | 3 | Highest | 7 |
| simple-get:3.1.1 | cpe:2.3:a:simple-get_project:simple-get:3.1.1:::::::* | pkg:npm/simple-get@3.1.1 | HIGH | 1 | Highest | 10 |
| socket.io-parser:2.3.1 | cpe:2.3:a:socket:socket.io-parser:2.3.1:::::::* | pkg:npm/socket.io-parser@2.3.1 | HIGH | 2 | Highest | 5 |
| socket.io:1.7.3 | cpe:2.3:a:socket:socket.io:1.7.3:::::::* | pkg:npm/socket.io@1.7.3 | MEDIUM | 2 | Highest | 5 |
| ssri:5.3.0 | cpe:2.3:a:ssri_project:ssri:5.3.0:::::::* | pkg:npm/ssri@5.3.0 | HIGH | 2 | Highest | 8 |
| webpack-dev-server:1.16.5 | cpe:2.3:a:webpack.js:webpack-dev-server:1.16.5:::::::* | pkg:npm/webpack-dev-server@1.16.5 | HIGH | 2 | Highest | 7 |
| ws:1.1.2 | cpe:2.3:a:ws_project:ws:1.1.2:::::::* | pkg:npm/ws@1.1.2 | high | 1 | Highest | 6 |
| xmlhttprequest-ssl:1.5.3 | cpe:2.3:a:xmlhttprequest-ssl_project:xmlhttprequest-ssl:1.5.3:::::::* | pkg:npm/xmlhttprequest-ssl@1.5.3 | CRITICAL | 3 | Highest | 7 |
