ErdemOzgen/DevSecOpsBuilder

Add JS tools

ErdemOzgen opened this issue · 0 comments

For source code analysis specifically tailored to JavaScript, focusing on open-source tools, there are several options available:

  1. ESLint: ESLint is a popular open-source JavaScript linting utility. It is primarily used for identifying and reporting on patterns found in ECMAScript/JavaScript code, making code more consistent and avoiding bugs. ESLint is capable of fixing many issues automatically and can be customized by the user to suit different coding styles and applications. ESLint on GitHub.

  2. SonarJS: SonarJS is an open-source tool that provides static code analysis for JavaScript. It's used to detect bugs and suspicious patterns in the code, as well as code smells and security vulnerabilities. SonarJS can be integrated into various CI/CD pipelines for automated code quality checks. SonarJS on GitHub.

  3. JSHint: JSHint is a community-driven tool that detects errors and potential problems in JavaScript code. It can be used to enforce coding conventions and is highly configurable, allowing users to adjust it to their coding standards and requirements. JSHint on GitHub.

  4. CodeQL: Developed by GitHub, CodeQL is an open-source semantic code analysis engine. It allows you to write queries that find code patterns within entire project histories. CodeQL is particularly strong in identifying various types of vulnerabilities in the source code. CodeQL on GitHub.

Also, we need to check bandit for JS scanning.
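One way to wire two of the tools listed above into a pipeline, as an added example that is not part of this issue or of the DevSecOpsBuilder project: a GitHub Actions workflow that runs ESLint and CodeQL's JavaScript security queries on every push and pull request. It assumes the repository already has an ESLint configuration that enables security-focused rules (for instance eslint-plugin-security), and the action versions are assumptions to check against current releases.

```yaml
# Added example (not project code): ESLint + CodeQL for JavaScript in CI.
# Assumes an ESLint config with security rules already exists in the repo.
name: js-static-analysis

on:
  push:
  pull_request:

permissions:
  contents: read
  security-events: write   # lets the CodeQL action upload its SARIF results

jobs:
  eslint:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: 20
      - run: npm ci
      # Any rule violation, warnings included, fails the job so findings
      # cannot be merged silently.
      - run: npx eslint . --max-warnings 0

  codeql:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: github/codeql-action/init@v3
        with:
          languages: javascript
          # security-extended adds lower-confidence vulnerability queries on
          # top of the default security suite.
          queries: security-extended
      - uses: github/codeql-action/analyze@v3
```

Findings from the CodeQL job appear in the repository's code scanning alerts, while ESLint results show up in the job log and as a failed check.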