Home Explore Help
Sign In
logic855
/
claude-mods
mirror of https://github.com/0xDarkMatter/claude-mods.git
1
0
Fork 0
Files Issues 0 Wiki
Tree: d3fc69a973
Branches Tags
claude-mods
/
skills
/
security-ops
/
scripts
/
dependency-audit.sh

dependency-audit.sh 2.2 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990 
  1. #!/bin/bash
    2. 

  2. # Audit dependencies for known vulnerabilities
    3. 

  3. # Usage: ./dependency-audit.sh
    4. 

  4. 

  5. set -e
    6. 

  6. 

  7. RED='\033[0;31m'
    8. 

  8. GREEN='\033[0;32m'
    9. 

  9. YELLOW='\033[1;33m'
    10. 

  10. NC='\033[0m'
    11. 

  11. 

  12. echo "=== Dependency Security Audit ==="
    13. 

  13. echo ""
    14. 

  14. 

  15. # Python
    16. 

  16. if [ -f "requirements.txt" ] || [ -f "pyproject.toml" ]; then
    17. 

  17.     echo "--- Python Dependencies ---"
    18. 

  18. 

  19.     if command -v pip-audit &> /dev/null; then
    20. 

  20.         echo "Running pip-audit..."
    21. 

  21.         pip-audit || true
    22. 

  22.     elif command -v safety &> /dev/null; then
    23. 

  23.         echo "Running safety check..."
    24. 

  24.         safety check || true
    25. 

  25.     else
    26. 

  26.         echo -e "${YELLOW}Install pip-audit or safety for Python vulnerability scanning${NC}"
    27. 

  27.         echo "  pip install pip-audit"
    28. 

  28.     fi
    29. 

  29.     echo ""
    30. 

  30. fi
    31. 

  31. 

  32. # Node.js
    33. 

  33. if [ -f "package.json" ]; then
    34. 

  34.     echo "--- Node.js Dependencies ---"
    35. 

  35. 

  36.     if command -v npm &> /dev/null; then
    37. 

  37.         echo "Running npm audit..."
    38. 

  38.         npm audit --audit-level=moderate || true
    39. 

  39.     fi
    40. 

  40.     echo ""
    41. 

  41. fi
    42. 

  42. 

  43. # Go
    44. 

  44. if [ -f "go.mod" ]; then
    45. 

  45.     echo "--- Go Dependencies ---"
    46. 

  46. 

  47.     if command -v govulncheck &> /dev/null; then
    48. 

  48.         echo "Running govulncheck..."
    49. 

  49.         govulncheck ./... || true
    50. 

  50.     else
    51. 

  51.         echo -e "${YELLOW}Install govulncheck for Go vulnerability scanning${NC}"
    52. 

  52.         echo "  go install golang.org/x/vuln/cmd/govulncheck@latest"
    53. 

  53.     fi
    54. 

  54.     echo ""
    55. 

  55. fi
    56. 

  56. 

  57. # Rust
    58. 

  58. if [ -f "Cargo.toml" ]; then
    59. 

  59.     echo "--- Rust Dependencies ---"
    60. 

  60. 

  61.     if command -v cargo-audit &> /dev/null; then
    62. 

  62.         echo "Running cargo audit..."
    63. 

  63.         cargo audit || true
    64. 

  64.     else
    65. 

  65.         echo -e "${YELLOW}Install cargo-audit for Rust vulnerability scanning${NC}"
    66. 

  66.         echo "  cargo install cargo-audit"
    67. 

  67.     fi
    68. 

  68.     echo ""
    69. 

  69. fi
    70. 

  70. 

  71. # Docker
    72. 

  72. if [ -f "Dockerfile" ]; then
    73. 

  73.     echo "--- Docker Image ---"
    74. 

  74. 

  75.     if command -v trivy &> /dev/null; then
    76. 

  76.         echo "Running trivy on Dockerfile..."
    77. 

  77.         trivy config Dockerfile || true
    78. 

  78.     else
    79. 

  79.         echo -e "${YELLOW}Install trivy for container vulnerability scanning${NC}"
    80. 

  80.         echo "  brew install trivy"
    81. 

  81.     fi
    82. 

  82.     echo ""
    83. 

  83. fi
    84. 

  84. 

  85. echo "=== Audit Complete ==="
    86. 

  86. echo ""
    87. 

  87. echo "Recommended actions:"
    88. 

  88. echo "1. Update vulnerable packages to patched versions"
    89. 

  89. echo "2. Review advisories for workarounds if updates unavailable"
    90. 

  90. echo "3. Consider alternative packages for unmaintained dependencies"
    91.