ajinabraham/njsscan

njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.

JavaScriptLGPL-3.0

Issues

Sarif output validation issue on latest release
#125 opened 2 months ago by luke88jones
2
SARIF output not compliant to specification
#76 opened 2 months ago by StefanFl
3
Report showing XSS vulnerability even though the code is fixed.
#116 opened 2 months ago by mahammadrafeek
3
njsscan fails to scan projects containing symlinks
#99 opened 2 months ago by disposedtrolley
2
.njsscan config - ignore-extensions not working as expected
#102 opened 2 years ago by deividasm
2
False Positive from `.findOne()` using Sequelize
#114 opened 9 months ago by bleow
4
Getting error while executing njsscan
#95 opened 9 months ago by sumitsharma16
13
Issue in njsscan
#109 opened 9 months ago by spmishra121
1
Configuration options documentation
#110 opened 2 years ago by luis-guimaraes-exoawk
2
node_insecure_random_generator any Math.random is suspected
#106 opened 2 years ago by jonny64
3
node_password false positive
#105 opened 2 years ago by jonny64
1
regex_injection_dos false positive
#104 opened 2 years ago by jonny64
1
Pin njsscan dependencies
#100 opened 2 years ago by disposedtrolley
1
Eval backquote Vulnerability not detected
#101 opened 2 years ago by LyesH4ck
2
Error importing sonarqube report into sonar
#68 opened 2 years ago by kmlp10
6
false positive for regex_injection_dos
#96 opened 2 years ago by dogmatic69
1
--html no longer works?
#89 opened 2 years ago by erzz
3
Getting error with -o option, if output path has spaces and special characters in directory name
#88 opened 2 years ago by psandeep09
1
future request: Add junit format output
#90 opened 2 years ago by armanbaghajyan
1
False positives with node_username
#93 opened 2 years ago by snyamathi
1
Import 3rd party rules
#87 opened 3 years ago by nbeguier
1
njsscan not running properly on MaC
#91 opened 3 years ago by rohitcoderCdefense
3
Faulty node_nosqli_injection ??
#83 opened 3 years ago by designamx
3
export as static html
#86 opened 3 years ago by dberardo-com
1
SQL injections are no longer detected
#85 opened 3 years ago by ronnn
8
Rule QA community feedback
#84 opened 3 years ago by ajinabraham
0
CWE-79 metadata inconsistency
#75 opened 3 years ago by zricethezav
4
To investigate
#71 opened 3 years ago by ajinabraham
1
SQLi False positive
#72 opened 3 years ago by ajinabraham
1
node_username rule overly broad for ERROR
#80 opened 3 years ago by jayvdb
2
False positive in sql injection rule
#82 opened 3 years ago by wallali
1
squirrelly_template rule
#81 opened 3 years ago by nbeguier
2
Support njsscan-ignore above the current line
#77 opened 3 years ago by fabiohaertel
1
angular rules?
#73 opened 3 years ago by javixeneize
1
false positive for user input?
#78 opened 3 years ago by dogmatic69
4
We need new relaese
#74 opened 3 years ago by kadir-taskiran
2
Replicate Severity filter
#69 opened 3 years ago by ajinabraham
2
TypeScript support
#66 opened 4 years ago by o8e
1
Add ability to know which files are being scanned.
#62 opened 4 years ago by vsviridov
1
njsscan-ignore in Handlebars template
#63 opened 4 years ago by takemyoxygen
3
Resource not accessible by integration
#61 opened 4 years ago by aravindvnair99
4
change license to lgpl 3
#49 opened 4 years ago by ajinabraham
1
Something wrong with docker image
#60 opened 4 years ago by melnikaite
6
[Feature-request] output report as html
#59 opened 4 years ago by a-boulafia
2
Update rule file name
#56 opened 4 years ago by ajinabraham
0
njsscan: command not found
#54 opened 4 years ago by slaffcheff
1
TypeScript support
#57 opened 4 years ago by zakrush
1
eval trigger
#55 opened 4 years ago by zakrush
2
compiled typescript string enums not allowed
#53 opened 4 years ago by marcosdipaoloSV
2
TypeError: 'NoneType' object is not subscriptable
#50 opened 4 years ago by zain-CSsol
4