evilpacket / bower-burp-static-analysis

Nov 2014 scan of bower using burp suite static analysis engine

Overview

This was the result of being nerd sniped by @tomsteele into scanning Bower with the Burp Suite static analyzer.

Warning: it's like 2.7 GB of JSON (I suggest using output.nljson) if you want to tinker with the data. It's missing the raw req / res, but those probably aren't useful anyway.

bower.json

List of packages (Git URLs) that were pulled from Bower.

scan.sh

Used to clone each package and feed its files into Burp Suite using burpstaticscan.

log-scan-issue.js

Listens to Burp and logs each issue it finds to a file.

raw_data/

Raw results from the scan

output.nljson

Raw results pushed into a newline-delimited JSON file that's easily imported into dat.

convert-to-dat.js

Used to convert raw_data into the newline-delimited JSON file.

Enjoy

Languages

Shell 51.7%, JavaScript 48.3%