After the debacle with Lottie a few weeks ago, Enterprise customers wanted a risk assessment of ALL plugin libraries used in their Bubble apps.
What is the potential risk of any other imported JS libraries?
I’ve created a Chrome extension - it lists all the JavaScript libraries that your App loads.
https://chromewebstore.google.com/detail/js-library-lister/oindknlkenlfcanfhmgoifleiaomgnjf
Once you’ve installed the Chrome extension, “pin” it so you can see its icon in the extension bar. Then navigate through your Bubble app and a list of all the imported JS libraries will be captured.
Then you can take that list (cut and paste) and ask ChatGPT about these libraries.
Full details here https://planbbackups.io/js_library_how_to_do_a_risk_assessment
These are the prompts I use.
- I want to analyse some javascript libraries that my web app used. I will give you a list of libraries to remember.
Now paste in the list of libraries. Now you can ask ChatGPT about the libraries.
- Please tell me for each of these libraries, what their purpose is, and how out of date they are.
- Would any of these libraries be considered risky?
- List any that are pinned to latest versions.
Video walkthrough
Please comment if you have some improved prompts.
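
The "pinned to latest versions" question from the prompts above can also be checked mechanically on the captured list. This is an added example, not part of the original post or the extension's code. It assumes the list is one script URL per entry in common CDN layouts (`name@version` or `/name/x.y.z/`); the sample URLs and the `classifyScriptUrl` and `triage` names are constructed for illustration.

```javascript
// Added example: flag third-party script URLs that float or lack a version pin.
// SAMPLE_URLS is constructed; hosts and package names are placeholders.
const SAMPLE_URLS = [
  "https://cdn.example.net/npm/widget-player@latest/dist/widget.js",
  "https://cdn.example.net/npm/chart-kit@4.4.1/dist/chart.min.js",
  "https://cdn.example.net/npm/date-utils/index.js",
  "https://cdn.example.net/npm/@acme/ui@2/dist/ui.js",
  "https://static.example.org/libs/slider/1.8.1/slider.min.js",
  "https://app.example.com/package/run.js", // first-party, same host as the app
];
const FULL_SEMVER = /^\d+\.\d+\.\d+(?:[-+][0-9A-Za-z.-]+)?$/;

// pin is "exact" (full x.y.z), "floating" (tag or partial range such as
// @latest or @2) or "unversioned" (no version visible in the URL).
function classifyScriptUrl(url, appHost) {
  const u = new URL(url);
  const segs = u.pathname.split("/").filter(Boolean).map(decodeURIComponent);
  let library = segs[segs.length - 1] || u.hostname; // fallback: file name
  let version = null;
  for (let i = 0; i < segs.length; i++) {
    const at = segs[i].lastIndexOf("@");
    if (at > 0) { // name@version; at === 0 is an npm scope such as @acme
      const scope = i > 0 && segs[i - 1].startsWith("@") ? segs[i - 1] + "/" : "";
      library = scope + segs[i].slice(0, at);
      version = segs[i].slice(at + 1);
      break;
    }
    if (i > 0 && FULL_SEMVER.test(segs[i])) { // path style: /name/1.2.3/
      library = segs[i - 1];
      version = segs[i];
      break;
    }
  }
  const pin = version === null ? "unversioned"
    : FULL_SEMVER.test(version) ? "exact" : "floating";
  return { url, host: u.hostname, library, version, pin,
           thirdParty: u.hostname !== appHost };
}

// Keep only third-party scripts whose content can change without a URL change.
function triage(urls, appHost) {
  return urls.map((url) => classifyScriptUrl(url, appHost))
    .filter((r) => r.thirdParty && r.pin !== "exact");
}

for (const r of triage(SAMPLE_URLS, "app.example.com")) {
  console.log(`${r.pin.padEnd(11)} ${r.library} (${r.version ?? "no version"}) ${r.host}`);
}
```

An exact pin only shows which version was requested; it does not say whether that version is out of date, so the purpose and age prompts still apply to every library in the list.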