
PowerShell Gallery Package Vulnerability Scanner

Open boblodgett opened this issue 1 year ago • 1 comments

Summary of the new feature / enhancement

I would like a tool similar to the vulnerability scanner for .NET NuGet packages that works with PowerShell packages. Does such a tool exist, or can we get PowerShell packages plugged into the GitHub Advisory Database through an official tool, similar to how dotnet list package --vulnerable reports security issues?

Example for .NET NuGet packages: https://devblogs.microsoft.com/nuget/how-to-scan-nuget-packages-for-security-vulnerabilities

If there is already a way to do this, can you provide information on how to do so?

Proposed technical implementation details (optional)

No response

boblodgett, Mar 13 '23 22:03

Thanks @boblodgett for the issue. There is nothing that exists today like that, but we are investigating what might be possible... thanks!

SydneyhSmith, Mar 20 '23 18:03