Portable and language managers
npmverified ยท 100%
npm install -g retirelocal npm package metadata
npm / rank 341
Install retire
Retire is a tool for detecting use of vulnerable libraries. Version 5.4.3 via npm; verified 2026-05-26.
install
Install with Automic Vault
Automic Vault
sudo av install npm:retirePackage manager source
Platform notes
- No package-specific platform notes were present.
overview
Package summary
Retire is a tool for detecting use of vulnerable libraries
Homepage
Commands and aliases
No executable aliases were found in the local package database.
security posture
No protected-tool coverage found yet
No matching local secret-handling manifest was found for retire. Nucleus package metadata is still published here so future coverage has a stable package URL.
Install behavior
- No npm postinstall script is recorded in package metadata.
- No Homebrew bottle metadata was recorded.
- Installs with 6 runtime dependencies.
- Build metadata lists 14 build dependencies.
Recommended review
Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.
executables
Installed executables
| Command | Kind | Exposure | Note |
|---|---|---|---|
retire | cli | global executable |
freshness
Version and freshness
These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.
page generated2026-06-10
manager version5.4.3
manager updated2026-05-26
local dataok
upstreamnot checked
latest detectednot detected
https://github.com/RetireJS/retire.js
- infoNo cached GitHub release or tag data was available.https://github.com/RetireJS/retire.jsnone confidence
install metadata
Package metadata
| Package key | npm:retire |
|---|---|
| Version | 5.4.3 |
| Package manager | npm |
| Package manager page | https://www.npmjs.com/package/retire |
| Homepage | https://github.com/RetireJS/retire.js#readme |
| Repository | https://github.com/RetireJS/retire.js |
| Upstream docs | https://github.com/RetireJS/retire.js#readme |
| License | Apache-2.0 |
| Source archive | https://registry.npmjs.org/retire/-/retire-5.4.3.tgz |
| Issue tracker | https://github.com/RetireJS/retire.js/issues |
| Last updated | 2026-05-26T09:14:27.191Z |
| Published | 2026-05-26T09:14:27.191Z |
| Dependencies | ansi-colors, astronomical, commander, proxy-agent, walkdir, zod |
| Build dependencies | @types/chai, @types/jest, @types/node, @types/uuid, @typescript-eslint/eslint-plugin, @typescript-eslint/parser, chai, eslint, eslint-config-prettier, jsonschema, prettier, ts-jest, ts-node, typescript |
| Bottle | not recorded |
| npm postinstall | not defined |
| Service | none declared |
| Keywords | sbom, sbom-tool, sbom-generator, security, cli, software-composition-analysis, sca |
registry facts
Source database details
| Source Database | npm registry |
|---|---|
| Dist Tags | |
| Version Count | 148 |
| Maintainers |
|
| Author | Erlend Oftedal |
| Publisher | GitHub Actions |
| Engines | |
| Integrity | sha512-a+CNXfbCTC/kAQLeFxfN9/kts1NlFMo5lrjBefmFssdOJy0XYPNpRN4k63hwIhhzyzPvHziZrQHWKdJNf6Lp5g== |
| Shasum | b5bdbe160d1bc28d588a1f77d3e23eee6a1d870e |
| Unpacked Size | 108,509 |
| File Count | 0 |
| Created At | 2013-10-29T18:55:26.848Z |
| Latest Published At | 2026-05-26T09:14:27.191Z |
| Modified At | 2026-05-26T09:14:27.463Z |
source trail
Generated from repository data
This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.
Used sources
- Nucleus package database
- cross-ecosystem install command graph
- package relationship graph
- package version freshness
- package-page enrichment