oauthlint 0.2.3 → 0.2.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +7 -0
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -8,6 +8,7 @@ A curated, multi-language Semgrep rule pack · JS/TS · Python · Go · Java ·
|
|
|
8
8
|
|
|
9
9
|
[](https://www.npmjs.com/package/oauthlint)
|
|
10
10
|
[](https://www.npmjs.com/package/oauthlint)
|
|
11
|
+
[](https://github.com/Auspeo/oauthlint/actions/workflows/ci.yml)
|
|
11
12
|
[](https://opensource.org/licenses/MIT)
|
|
12
13
|
[](https://oauthlint.dev)
|
|
13
14
|
|
|
@@ -41,6 +42,12 @@ oauthlint is the layer between generic SAST and an enterprise IAM program:
|
|
|
41
42
|
**free, focused, developer-first.** Every finding names the rule, the exact
|
|
42
43
|
`file:line`, *why* it's dangerous, and *how* to fix it — with CWE/OWASP mappings.
|
|
43
44
|
|
|
45
|
+
<div align="center">
|
|
46
|
+
|
|
47
|
+

|
|
48
|
+
|
|
49
|
+
</div>
|
|
50
|
+
|
|
44
51
|
## Why oauthlint, and not just Semgrep?
|
|
45
52
|
|
|
46
53
|
Honest answer: nothing stops you from writing these rules yourself. Semgrep is
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "oauthlint",
|
|
3
|
-
"version": "0.2.
|
|
3
|
+
"version": "0.2.4",
|
|
4
4
|
"description": "Catch the OAuth/OIDC/JWT anti-patterns AI coding tools systematically produce. CLI wrapper around the oauthlint-rules Semgrep rule pack.",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "./dist/index.js",
|