JSPM

@monodox/bugbase

0.2.0
  • Downloads 13
  • License MIT

Bugbase CLI for CVE scanning, secret detection, and predictive security analysis.

Package Exports

    This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (@monodox/bugbase) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

    Readme

    @monodox/bugbase

    Bugbase is an open-source CLI for scanning dependencies for known CVEs, detecting exposed secrets, and surfacing AI-powered predictive security signals.

    Status

    This package is currently an early scaffold. The published package metadata and CLI entry point are in place, while the scanning logic is still under active development.

    Installation

    npm install -g @monodox/bugbase

    Or run without installing:

    npx @monodox/bugbase

    Usage

    bugbase scan
    bugbase auth
    bugbase bounties

    Configuration

    Copy the example environment file and fill in your values:

    cp .env.example .env.local

    Variable         Description                                Default
    RITZA_API_KEY    API key for Ritza integrations
    RITZA_API_URL    Base URL for Ritza API                     https://api.ritza.co
    BUGBASE_ENV      Runtime environment                        development
    BUGBASE_OUTPUT   Default output format (terminal or json)   terminal

    Development

    From the monorepo root:

    npm install
    npm run test --workspace @monodox/bugbase

    Project Structure

    packages/node/
    ├── bin/bugbase.js          # CLI entry point
    ├── src/
    │   ├── commands/
    │   │   ├── auth.js         # API credential configuration
    │   │   ├── scan.js         # Main scan workflow
    │   │   └── bounties.js     # Scored findings view
    │   ├── scanners/
    │   │   ├── cve.js          # CVE dependency scanner
    │   │   ├── secrets.js      # Secret detection scanner
    │   │   └── ai.js           # AI predictive scanner
    │   ├── reporters/
    │   │   ├── terminal.js     # Human-readable output
    │   │   └── json.js         # Machine-readable output
    │   ├── api.js              # Ritza API client
    │   ├── config.js           # Local configuration
    │   └── constants.js        # Severity mappings
    ├── .env.example
    ├── LICENSE
    └── package.json

    License

    MIT — see LICENSE.