-
Notifications
You must be signed in to change notification settings - Fork 0
/
techstack.yml
339 lines (339 loc) · 12.9 KB
/
techstack.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
repo_name: kclhi/nr
report_id: c080d2d92b2c6fa5cf9a2e94c350e066
version: 0.1
repo_type: Public
timestamp: '2024-02-11T18:35:58+00:00'
requested_by: martinchapman
provider: github
branch: master
detected_tools_count: 20
tools:
- name: CSS 3
description: The latest evolution of the Cascading Style Sheets language
website_url: https://developer.mozilla.org/en-US/docs/Web/CSS/CSS3
open_source: true
hosted_saas: false
category: Languages & Frameworks
sub_category: Languages
image_url: https://img.stackshare.io/service/6727/css.png
detection_source_url: https://github.com/kclhi/nr
detection_source: Repo Metadata
- name: Golang
description: An open source programming language that makes it easy to build simple,
reliable, and efficient software
website_url: http://golang.org/
license: BSD-3-Clause
open_source: true
hosted_saas: false
category: Languages & Frameworks
sub_category: Languages
image_url: https://img.stackshare.io/service/1005/O6AczwfV_400x400.png
detection_source_url: https://github.com/kclhi/nr
detection_source: Repo Metadata
- name: JavaScript
description: Lightweight, interpreted, object-oriented language with first-class
functions
website_url: https://developer.mozilla.org/en-US/docs/Web/JavaScript
open_source: true
hosted_saas: false
category: Languages & Frameworks
sub_category: Languages
image_url: https://img.stackshare.io/service/1209/javascript.jpeg
detection_source_url: https://github.com/kclhi/nr
detection_source: Repo Metadata
- name: Pug
description: Robust, elegant, feature rich template engine for nodejs
website_url: https://pugjs.org
open_source: false
hosted_saas: false
category: Languages & Frameworks
sub_category: Templating Languages & Extensions
image_url: https://img.stackshare.io/service/1175/pug.png
detection_source_url: https://github.com/kclhi/nr/blob/master/api/package.json
detection_source: api/package.json
last_updated_by: Martin Chapman
last_updated_on: 2019-10-11 14:28:16.000000000 Z
- name: ExpressJS
description: Sinatra inspired web development framework for node.js -- insanely
fast, flexible, and simple
website_url: http://expressjs.com/
version: 4.16.4
license: MIT
open_source: true
hosted_saas: false
category: Languages & Frameworks
sub_category: Microframeworks (Backend)
image_url: https://img.stackshare.io/service/1163/hashtag.png
detection_source_url: https://github.com/kclhi/nr/blob/master/api/package-lock.json
detection_source: api/package.json
last_updated_by: Martin Chapman
last_updated_on: 2019-10-16 17:26:21.000000000 Z
- name: Node.js
description: A platform built on Chrome's JavaScript runtime for easily building
fast, scalable network applications
website_url: http://nodejs.org/
version: 11.0.0
open_source: true
hosted_saas: false
category: Languages & Frameworks
sub_category: Frameworks (Full Stack)
image_url: https://img.stackshare.io/service/1011/n1JRsFeB_400x400.png
detection_source_url: https://github.com/kclhi/nr/blob/master/Dockerfile
detection_source: Dockerfile
last_updated_by: Martin Chapman
last_updated_on: 2020-02-03 00:37:24.000000000 Z
- name: Minio
description: AWS S3 open source alternative written in Go
website_url: https://minio.io/
version: 7.0.16
license: AGPL-3.0
open_source: true
hosted_saas: false
category: Data Stores
sub_category: Cloud Storage
image_url: https://img.stackshare.io/service/4485/gTawkyAA.png
detection_source_url: https://github.com/kclhi/nr/blob/master/api/package-lock.json
detection_source: api/package.json
last_updated_by: Martin Chapman
last_updated_on: 2019-10-22 19:05:02.000000000 Z
- name: Docker
description: Enterprise Container Platform for High-Velocity Innovation.
website_url: https://www.docker.com/
license: Apache-2.0
open_source: true
hosted_saas: false
category: Build, Test, Deploy
sub_category: Virtual Machine Platforms & Containers
image_url: https://img.stackshare.io/service/586/n4u37v9t_400x400.png
detection_source_url: https://github.com/kclhi/nr
detection_source: Repo Metadata
- name: Git
description: Fast, scalable, distributed revision control system
website_url: http://git-scm.com/
open_source: true
hosted_saas: false
category: Build, Test, Deploy
sub_category: Version Control System
image_url: https://img.stackshare.io/service/1046/git.png
detection_source_url: https://github.com/kclhi/nr
detection_source: Repo Metadata
- name: nodemon
description: A simple monitor script for use during development of a node.js app
website_url: http://nodemon.io/
version: 1.19.4
license: MIT
open_source: true
hosted_saas: false
category: Monitoring
sub_category: node.js Application Monitoring
image_url: https://img.stackshare.io/service/5577/preview.png
detection_source_url: https://github.com/kclhi/nr/blob/master/api/package-lock.json
detection_source: api/package.json
last_updated_by: Martin Chapman
last_updated_on: 2019-10-22 19:05:02.000000000 Z
- name: npm
description: The package manager for JavaScript.
website_url: https://www.npmjs.com/
open_source: false
hosted_saas: false
category: Build, Test, Deploy
sub_category: Front End Package Manager
image_url: https://img.stackshare.io/service/1120/lejvzrnlpb308aftn31u.png
detection_source_url: https://github.com/kclhi/nr/blob/master/api/package.json
detection_source: api/package.json
last_updated_by: Martin Chapman
last_updated_on: 2019-10-11 14:28:16.000000000 Z
- name: cURL
description: Command Line Tool and Library for Transferring Data With URLs
website_url: http://curl.haxx.se/
open_source: true
hosted_saas: false
category: Assets and Media
sub_category: File Transfer
image_url: https://img.stackshare.io/service/6552/curl-logo.png
detection_source_url: https://github.com/kclhi/nr/blob/master/bucket/docker-compose.yml
detection_source: bucket/docker-compose.yml
last_updated_by: Martin Chapman
last_updated_on: 2019-10-22 19:05:02.000000000 Z
- name: Shell
description: A shell is a text-based terminal, used for manipulating programs and
files. Shell scripts typically manage program execution.
website_url: https://en.wikipedia.org/wiki/Shell_script
open_source: false
hosted_saas: false
category: Languages & Frameworks
sub_category: Languages
image_url: https://img.stackshare.io/service/4631/default_c2062d40130562bdc836c13dbca02d318205a962.png
detection_source_url: https://github.com/kclhi/nr
detection_source: Repo Metadata
- name: cookie-parser
description: Parse HTTP request cookies
package_url: https://www.npmjs.com/cookie-parser
version: 1.4.5
license: MIT
open_source: true
hosted_saas: false
category: Libraries
sub_category: npm Packages
image_url: https://img.stackshare.io/package/16136/default_def3edb85d7fbd20200a5cd7d0a1679e31bc8b3d.png
detection_source_url: https://github.com/kclhi/nr/blob/master/api/package-lock.json
detection_source: api/package.json
last_updated_by: Martin Chapman
last_updated_on: 2019-10-16 17:26:21.000000000 Z
- name: crypto-js
description: JavaScript library of crypto standards
package_url: https://www.npmjs.com/crypto-js
version: 3.3.0
license: MIT
open_source: true
hosted_saas: false
category: Libraries
sub_category: npm Packages
image_url: https://img.stackshare.io/package/16283/default_9924e5da1d50ea01e52b48e4fae4b1347af5e4ff.png
detection_source_url: https://github.com/kclhi/nr/blob/master/api/package-lock.json
detection_source: api/package.json
last_updated_by: Martin Chapman
last_updated_on: 2019-10-16 17:26:21.000000000 Z
vulnerabilities:
- name: crypto-js PBKDF2 1,000 times weaker than specified in 1993 and 1.3M times
weaker than current standard
cve_id: CVE-2023-46233
cve_url: https://github.com/advisories/GHSA-xwcq-pm8m-c4vf
detected_date: Oct 26
severity: critical
first_patched: 4.2.0
- name: debug
description: Small debugging utility
package_url: https://www.npmjs.com/debug
version: 3.2.6
license: MIT
open_source: true
hosted_saas: false
category: Libraries
sub_category: npm Packages
image_url: https://img.stackshare.io/package/15852/default_a2f722724df977d0f7752839e5d8845ab41f69d5.png
detection_source_url: https://github.com/kclhi/nr/blob/master/api/package-lock.json
detection_source: api/package.json
last_updated_by: Martin Chapman
last_updated_on: 2019-10-16 17:26:21.000000000 Z
vulnerabilities:
- name: Regular Expression Denial of Service in debug
cve_id: CVE-2017-16137
cve_url: https://github.com/advisories/GHSA-gxpj-cx7g-858c
detected_date: Aug 22
severity: moderate
first_patched: 3.2.7
- name: express
description: Fast, unopinionated, minimalist web framework
package_url: https://www.npmjs.com/express
version: 4.16.4
license: MIT
open_source: true
hosted_saas: false
category: Libraries
sub_category: npm Packages
image_url: https://img.stackshare.io/package/15818/default_db4a7791d2f1174547374b9b587bc10fec088a5a.png
detection_source_url: https://github.com/kclhi/nr/blob/master/api/package-lock.json
detection_source: api/package.json
last_updated_by: Martin Chapman
last_updated_on: 2019-10-16 17:26:21.000000000 Z
vulnerabilities:
- name: qs vulnerable to Prototype Pollution
cve_id: CVE-2022-24999
cve_url: https://github.com/advisories/GHSA-hrpp-h998-j3pp
detected_date: Dec 7
severity: high
first_patched: 4.17.3
- name: http-errors
description: Create HTTP error objects
package_url: https://www.npmjs.com/http-errors
version: 1.6.3
license: MIT
open_source: true
hosted_saas: false
category: Libraries
sub_category: npm Packages
image_url: https://img.stackshare.io/package/16925/default_7b9968788548874538c601457e8dcd9c74bd2051.png
detection_source_url: https://github.com/kclhi/nr/blob/master/api/package-lock.json
detection_source: api/package.json
last_updated_by: Martin Chapman
last_updated_on: 2019-10-16 17:26:21.000000000 Z
- name: jsrsasign
description: Opensource free pure JavaScript cryptographic library supports RSA/RSAPSS/ECDSA/DSA
signing/validation
package_url: https://www.npmjs.com/jsrsasign
version: 7.2.2
license: MIT
open_source: true
hosted_saas: false
category: Libraries
sub_category: npm Packages
image_url: https://img.stackshare.io/package/18778/default_3be76d99a52e16f70b30a0e5904930d202d7a045.png
detection_source_url: https://github.com/kclhi/nr/blob/master/api/package-lock.json
detection_source: api/package.json
last_updated_by: Martin Chapman
last_updated_on: 2019-10-16 17:26:21.000000000 Z
vulnerabilities:
- name: RSA signature validation vulnerability on maleable encoded message in jsrsasign
cve_id: CVE-2021-30246
cve_url: https://github.com/advisories/GHSA-27fj-mc8w-j9wg
detected_date: Aug 22
severity: critical
first_patched: 10.2.0
- name: RSA-PSS signature validation vulnerability by prepending zeros in jsrsasign
cve_id: CVE-2020-14968
cve_url: https://github.com/advisories/GHSA-q3gh-5r98-j4h3
detected_date: Aug 22
severity: critical
first_patched: 8.0.17
- name: RSA PKCS#1 decryption vulnerability with prepending zeros in jsrsasign
cve_id: CVE-2020-14967
cve_url: https://github.com/advisories/GHSA-xxxq-chmp-67g4
detected_date: Aug 22
severity: critical
first_patched: 8.0.18
- name: Marvin Attack of RSA and RSAOAEP decryption in jsrsasign
cve_id: CVE-2024-21484
cve_url: https://github.com/advisories/GHSA-rh63-9qcf-83gf
detected_date: Jan 20
severity: high
first_patched: 11.0.0
- name: ECDSA signature validation vulnerability by accepting wrong ASN.1 encoding
in jsrsasign
cve_id: CVE-2020-14966
cve_url: https://github.com/advisories/GHSA-p8c3-7rj8-q963
detected_date: Aug 22
severity: high
first_patched: 8.0.19
- name: JWS and JWT signature validation vulnerability with special characters
cve_id: CVE-2022-25898
cve_url: https://github.com/advisories/GHSA-3fvg-4v2m-98jf
detected_date: Jun 26
severity: high
first_patched: 10.5.25
- name: ECDSA signature vulnerability of Minerva timing attack in jsrsasign
cve_id:
cve_url: https://github.com/advisories/GHSA-g753-jx37-7xwh
detected_date: Aug 22
severity: moderate
first_patched: 8.0.13
- name: Signatures are mistakenly recognized to be valid in jsrsasign
cve_id:
cve_url: https://github.com/advisories/GHSA-h87q-g2wp-47pj
detected_date: Feb 10
severity: moderate
first_patched: 10.2.0
- name: morgan
description: HTTP request logger middleware for node.js
package_url: https://www.npmjs.com/morgan
version: 1.9.1
license: MIT
open_source: true
hosted_saas: false
category: Libraries
sub_category: npm Packages
image_url: https://img.stackshare.io/package/16097/default_c7b204838197013798409fa2b4dafce450edc7fb.png
detection_source_url: https://github.com/kclhi/nr/blob/master/api/package-lock.json
detection_source: api/package.json
last_updated_by: Martin Chapman
last_updated_on: 2019-10-16 17:26:21.000000000 Z