nodejsscan

• njsscan bump + performance upgrade.
• Test Fix
• Dependency updates

• njsscan update
• Supports Apple M1 ARM

• libsast major upgrade
• njsscan upgrade

• Rule updates
• Flask fixes

nodejsscan v4.4

• Version string fix

nodejsscan v4.3

• rule QA
• performance improvements

nodejsscan v4.2 powered by njsscan and semgrep
100+ node.js specific rules
Performance improvements
Single Line and Multiline comment handling
Bug Fixes

nodejsscan v4 powered by njsscan and semgrep
Windows support dropped from v4. (Windows users can use docker image)

• 70+ node.js specific rules
• We changed our core engine to njsscan(https://github.com/ajinabraham/njsscan) which use both regex for templates and semgrep for node.js files.

• Bug Fixes
• Dependency Update
• Code QA
• Rule Updates
• Better JS Detection

• Moved to Python3
• Improved UI
• Improved Scanning Logic
• Fixed Minor Bugs
• New CLI
• CLI as pip module
• Migrated to production server
• Code QA

Release Notes

• nodejsscan standalone CLI published to pypi

Release Notes

• CLI Scan
• Updated Dependencies
• New Static Analysis Rules
• F +ve Reduction
• Bug Fixes

• Updated Dependencies

• Fixes a unicode bug

• Fixes Stored XSS in UI discovered by @matt-

• Added rules to support deserialization bugs
• Added rules to support YAML injection

• Web interface
• Store Results
• Manage Finding,
• View Source and Show Code
• String Search

• Supports File and Directory
• Converted String to List. ( Memory Efficient )