Added Static Analysis tool retire.js

[nniknam1]

Tool Description

Retire.js is a security scanner that detects the use of JavaScript libraries and Node.js modules with known vulnerabilities. It checks your project dependencies (and optionally frontend assets) against a public vulnerability database. This helps identify and remediate risks early in the development lifecycle.

---

Changes Made

• Installed Retire.js as a development dependency.
• Verified Retire.js runs locally with npx retire.
• Initial integration prepared for scanning project dependencies.

---

Evidence of Successful Integration

• Ran npx retire on the tool/retire branch.
• The tool executed successfully and scanned installed packages for vulnerabilities.
• Output confirms Retire.js is functional and ready for further automation (e.g., CI/CD integration).

---

Notes

• Retire.js can be extended to scan frontend JavaScript served to clients.
• For future improvements, we can add an npm script ("retire": "retire") and integrate the tool into GitHub Actions so scans run automatically on pull requests.

---

[coveralls]

Pull Request Test Coverage Report for Build 18808400487

Details

• 0 of 0 changed or added relevant lines in 0 files are covered.
• No unchanged relevant lines lost coverage.
• Overall coverage remained the same at 78.501%

---

Totals
Change from base Build 18433241500:	0.0%
Covered Lines:	24795
Relevant Lines:	29732

---

💛 - Coveralls

[IndyaG]

lgtm

[FaizFarooqMoazam]

lgtm

[haolinwa]

lgtm