ShiftLeftSecurity / sast-scan

Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and their dependencies. CI and Git friendly.
https://discord.gg/DCNxzaeUpd
Apache License 2.0
788 stars 112 forks

SAST analyser for Type/JavaScript #367

Closed daniel-ac-martin closed 2 years ago

daniel-ac-martin commented 2 years ago

I notice that njsscan was previously included.

Are there any clear plans on replacing this functionality? e.g. With NG SAST.

prabhu commented 2 years ago

@daniel-ac-martin The entire sast-scan project is now deprecated. We are working on adding JavaScript support for joern, which is a proper data-flow analysis tool.

https://joern.io/

daniel-ac-martin commented 2 years ago

@prabhu: Ah, I missed that. It's a shame as it looks like a great project. Thanks for letting me know.