Just install retire using NPM. If you use grunt, install grunt-retire as well.
The gruntfile config entry looks like this
js: ['app/**/*.js'], /** Which js-files to scan. **/
node: ['node_modules'], /** Which node directories to scan (containing package.json). **/
You may have to change the js and node directories.
To enable the task, add this in grunt:
Note that grunt.registerTask(‘retire’, [‘retire’]); will NOT work!
Now run grunt retireCheck. Make this part of your build process to reduce the potential for vulnerable code to ruin your day!