Roadmap (critical features/issues)

NodeSecure / js-x-ray

JavaScript & Node.js open-source SAST scanner. A static analyser for detecting most common malicious patterns 🔬.

MIT License

229 stars 26 forks source link

Roadmap (critical features/issues) #203

Open fraxken opened 9 months ago

fraxken commented 9 months ago

Here is a roadmap about my ideas about future releases of JS-X-Ray (outside of fixing current issues).

Add new documentation about Architectures
https://github.com/NodeSecure/js-x-ray/issues/267
Improve the way to add new Dependency/Warning (we probably need dedicated class with maybe Lazy probes). My idea is allow probes to be more independant from the SourceFile implementation.

jean-michelet commented 9 months ago

Refactor to allow the customization/injection of probes (would allow Scanner or any others projects to easily extend the capability of the tool).

Like a plugin system? Do you think about a specific pattern?

fraxken commented 9 months ago

@jean-michelet not really like a plugin system. The idea is just to allow someone to customize the list of executed probes and create a new one by itself. It could be useful in others projects like Scanner when we want to achieve new warnings or find informations that have no value for JS-X-Ray itself.

But overall the project is not ready for it yet.

jean-michelet commented 9 months ago

I post a comment to remind us to update doc for the next version :

SourceParser
AstAnalysis