retire ☆

« Back to VersTracker

Description:
Scanner detecting the use of JavaScript libraries with known vulnerabilities

Type: Formula | Latest Version: 5.4.0@0 | Tracked Since: Dec 24, 2025

Links: Homepage | formulae.brew.sh

Category: Security

Tags: security javascript vulnerability-scanner devsecops nodejs

Install: brew install retire

About:
Retire.js is a security scanner that identifies the use of JavaScript libraries with known vulnerabilities within your projects. It analyzes both client-side and server-side code, checking library versions against a comprehensive database of security advisories. This tool helps developers proactively mitigate security risks by flagging outdated or vulnerable dependencies.

Key Features:

Scans JavaScript files and Node.js projects for vulnerable library versions
Supports multiple sources for vulnerability data including Retire.js's own repository and NVD
Integrates with build pipelines (Grunt, Gulp, Webpack) and CI/CD workflows
Provides command-line scanning and browser extension for client-side analysis

Use Cases:

Auditing existing projects for known security vulnerabilities
Integrating security checks into CI/CD pipelines
Monitoring third-party scripts on websites for vulnerabilities

Alternatives:

npm audit – Native to the Node.js ecosystem, focuses specifically on npm dependencies, whereas Retire.js is broader and can scan frontend assets.
OWASP Dependency-Check – A more general-purpose dependency checker for multiple languages, often considered heavier than Retire.js for JS-only projects.

Version History

Detected	Version	Change	Commit
Dec 24, 2025 9:55pm	5.4.0	VERSION_BUMP	b6a59e1b
Oct 30, 2024 10:09am		VERSION_BUMP	bf62fd1b
Oct 30, 2024 9:48am		VERSION_BUMP	6fef99ce
Sep 26, 2024 9:52am		VERSION_BUMP	1cc90834
Aug 11, 2024 9:46pm		VERSION_BUMP	01d9cc58
Aug 1, 2024 7:41am		VERSION_BUMP	62bc5267
Jul 16, 2024 1:20am		VERSION_BUMP	e59a9f52
Jul 15, 2024 9:43pm		VERSION_BUMP	0cefa4d0
Jun 13, 2024 3:45pm		VERSION_BUMP	5951ca76
Feb 13, 2024 7:51am		VERSION_BUMP	230d5ed2