From the course: DevSecOps: Building a Secure Continuous Delivery Pipeline
Join today to access over 22,500 courses taught by industry experts or purchase this course individually.
JavaScript security with Retire.js: Installation
From the course: DevSecOps: Building a Secure Continuous Delivery Pipeline
JavaScript security with Retire.js: Installation
- [Instructor] Now let's look at software composition analysis and inheritance security for JavaScript. This means that if your using a vulnerable version of jQuery, then our tool will throw an error code that will stop the continuous delivery pipeline. The tool we'll be using is Retire.js and it's made just for this purpose. Let's use Retire.js in a Docker container. We use Docker here, because it's a portable way to integrate security testing for CI systems like Jenkins. Let's head over to the command line. I have a forked repo of a Dockerized version of Retire.js. I'm going to clone this by typing git space clone and the project repo URL, github.com/wickett/docker-retire.js.git. Let's move into the repo, and then type cat Dockerfile. You can see that we're using a Node container, and the most current version of Retire.js. This sets up the entry point to the container as Retire, so when we call it, we can just pass arguments to it, and they'll be handled by Retire.js inside the…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.