log4j-sniffer

1.9.0 Opens a new window with list of versions in this module.

A tool that scans archives to check for vulnerable log4j versions For more information about how to use this package see README

Latest version published 3 years ago

GitHub

Package Health Score

59 / 100

security
No known security issues
popularity
Small
maintenance
Inactive
community
Sustainable

Explore Similar Packages

Popularity

Small

Imported By: 0
GitHub Stars: 192
Forks: 23
Contributors: 20

Usage Popularity

Based on project statistics from the GitHub repository for the Golang package log4j-sniffer, we found that it has been 192 times.

The popularity score for Golang modules is calculated based on the number of stars that the project has on GitHub as well as the number of imports by other modules.

Security

No known security issues

Security risks

Direct Vulnerabilities: 0
C
0
H
0
M
0
L

Indirect Vulnerabilities: Check with Snyk

Release Date

Feb 23, 2022

License

Apache-2.0

Security Policy

We found a way for you to contribute to the project! Looks like log4j-sniffer is missing a security policy.

You can connect your project's repository to Snyk to stay up to date on security alerts and receive automatic fix pull requests.

Keep your project free of vulnerabilities with Snyk

Maintenance

Inactive

Commit Frequency

Open Issues: 3
Open PR: 0
Last Release: 3 years ago
Last Commit: 17 days ago

Further analysis of the maintenance status of github.com/palantir/log4j-sniffer based on released golang versions cadence, the repository activity, and other data points determined that its maintenance is Inactive.

An important project maintenance signal to consider for github.com/palantir/log4j-sniffer is that it hasn't seen any new versions released to golang in the past 12 months, and could be considered as a discontinued project, or that which receives low attention from its maintainers.

As a healthy sign for on-going project maintenance, we found that the GitHub repository had at least 1 pull request or issue interacted with by the community.

Community

Sustainable

Readme.md: No
Contributing.md: No
Code of Conduct: No
Contributors: 20
Funding: No

With more than 10 contributors for the github.com/palantir/log4j-sniffer repository, this is possibly a sign for a growing and inviting community.

We found a way for you to contribute to the project! Looks like github.com/palantir/log4j-sniffer is missing a Code of Conduct.

How about a good first contribution to this project? It seems that github.com/palantir/log4j-sniffer is missing a README file.

Embed Package Health Score Badge

Keep your project healthy

Check your go.mod

Ensure all the packages you're using are healthy and well-maintained

FAQs

What is log4j-sniffer?

A tool that scans archives to check for vulnerable log4j versions. Visit Snyk Advisor to see a full health score report for log4j-sniffer, including popularity, security, maintenance & community analysis.

Is log4j-sniffer popular?

The golang package log4j-sniffer receives a total of ? weekly downloads. As such, log4j-sniffer popularity was classified as small. Visit the popularity section on Snyk Advisor to see the full health analysis.

Is log4j-sniffer well maintained?

We found indications that log4j-sniffer is an Inactive project. See the full package health analysis to learn more about the package maintenance status.

Is log4j-sniffer safe to use?

The golang package log4j-sniffer was scanned for known vulnerabilities and missing license, and no issues were found. Thus the package was deemed as safe to use. See the full health analysis review.

Last updated on 12 September-2024, at 10:01 (UTC).

Build a secure application checklist

Select a recommended open source package

Minimize your risk by selecting secure & well maintained open source packages

DONE

Scan your app for vulnerabilities

Scan your application to find vulnerabilities in your: source code, open source dependencies, containers and configuration files

SCAN NOW

Fix identified vulnerabilities

Easily fix your code by leveraging automatically generated PRs

AUTO FIX

Monitor for new issues

New vulnerabilities are discovered every day. Get notified if your application is affected

MONITOR APP