CLI tool to check vulnerabilities in all NuGet packages.

konek3/nuget-audit

nuget-audit

nuget-audit is a dotnet tool for checking vulnerabilities in your .NET projects.

Installation

dotnet tool install -g NugetAudit

Usage

First, set the environment variables that hold your OSS Index credentials, which are used for scanning vulnerabilities:

export NUGET_AUDIT_API_KEY="<your_key>"
export NUGET_AUDIT_USERNAME="<your_username>"

Then, run:

nuget-audit --audit-level=(Low|Medium|High|Critical) (path)

Examples:

nuget-audit --audit-level=High .

nuget-audit --audit-level=Low ~/Projects/MyAwesomeProject/

Running in Docker

FROM mcr.microsoft.com/dotnet/core/sdk:3.1-alpine AS builder

RUN dotnet tool install --global NugetAudit

ENV PATH="/root/.dotnet/tools:${PATH}"
ENV NUGET_AUDIT_API_KEY="<your_api_key>"
ENV NUGET_AUDIT_USERNAME="<your_username>"

RUN nuget-audit --audit-level=High .
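
The Dockerfile above sets the OSS Index credentials with ENV, which stores them in the image configuration where `docker history` and `docker inspect` can show them. The following is an added example (not from the nuget-audit repository) that passes the same two variables through BuildKit secret mounts instead; the stage name, the secret ids, the `/src` path and the `COPY` step are assumptions.

```dockerfile
# syntax=docker/dockerfile:1
# Added example, not from the nuget-audit repository.
# Build with BuildKit, taking both values from the caller's environment:
#   docker build \
#     --secret id=nuget_audit_api_key,env=NUGET_AUDIT_API_KEY \
#     --secret id=nuget_audit_username,env=NUGET_AUDIT_USERNAME .
FROM mcr.microsoft.com/dotnet/core/sdk:3.1-alpine AS audit

RUN dotnet tool install --global NugetAudit
ENV PATH="/root/.dotnet/tools:${PATH}"

# Assumption: the project to scan is the build context; /src is an arbitrary path.
WORKDIR /src
COPY . .

# The secret ids are names chosen for this example. Each secret is mounted at
# /run/secrets/<id> for this RUN step only and is not written to a layer.
# The variables are set for the nuget-audit process alone, so no ENV
# instruction records them in the image configuration.
RUN --mount=type=secret,id=nuget_audit_api_key \
    --mount=type=secret,id=nuget_audit_username \
    NUGET_AUDIT_API_KEY="$(cat /run/secrets/nuget_audit_api_key)" \
    NUGET_AUDIT_USERNAME="$(cat /run/secrets/nuget_audit_username)" \
    nuget-audit --audit-level=High .
```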

Contributing

Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.

License

MIT
