🔍 Search GitHub Org for Node.js Dependencies

• 🔍 Search GitHub Org for Node.js Dependencies
  • ⚠️ Context
  • 📋 Prerequisites
  • 🔎 Default Dependencies
  • 🚀 Usage
  • 💡 Examples
  • 📤 Output
  • 📄 License

Scan all repositories in a GitHub organization for specific Node.js dependencies.

⚠️ Context

This tool was created in response to a critical security vulnerability in React Server Components disclosed on December 3, 2025. The vulnerability affects applications using React Server Components with certain bundler integrations.

📋 Prerequisites

• GitHub CLI (gh) - authenticated
• jq - JSON processor
• Optional GNU parallel - run jobs in parallel (great for large organizations)

🔎 Default Dependencies

By default, the script searches for the following dependencies:

• react-server-dom-parcel
• react-server-dom-turbopack
• react-server-dom-webpack
• next
• rwsdk
• waku
• @vitejs/plugin-rsc

🚀 Usage

./check-repositories-for-node-deps.sh <organization-name> [dependencies]

💡 Examples

# Using default dependencies (react-server-dom-*)
./check-repositories-for-node-deps.sh my-org

# Custom dependencies (comma-separated)
./check-repositories-for-node-deps.sh my-org "lodash,express,axios"

📤 Output

• Downloads all package.json files to ./repos_with_package_json/
• Shows ⚠️ warnings for each found dependency
• Displays version and dependency type (dependencies, devDependencies, peerDependencies)

📄 License

MIT See LICENSE for more information.

Made with ❤️ by @GentooXativa