PhantomRaven NPM Scanner

Version updated for https://github.com/maxh33/phantom-raven-npm-vulnerability-scanner to version v1.0.0.

• This action is used across all versions by ? repositories.

Go to the GitHub Marketplace to find the latest changes.

Release notes

Features

• Detect HTTP URL dependencies (RDD attack vector)
• Typosquatting detection using Levenshtein distance
• Missing integrity hash detection in lockfiles
• Suspicious install script scanning
• GitHub Action for easy CI/CD integration

Usage

- uses: maxh33/phantom-raven-npm-vulnerability-scanner@v1
  with:
    fail-on-critical: 'true'

• maxh33
• GitHub Actions