jssa

JS static analyzer (jssa): An aggregation of javascript source code static analysis tools

Installation

In order to install jssa:

npm install jssa

Usage

In order to use jssa in your project follow the steps:

Instert jssa in your code

$ const jssa = require('jssa');

Analyze js code

const project_root_directory = "example_project_to_analyze";
const list_of_js_files = [ 'example_project/app.js',
  'example_project/appcopy.js',
  'example_project/sonarjs.js',
  'example_project/routes/index.js',
  'example_project/routes/users.js' ]

jssa.analyze_all(project_root_directory, list_of_js_files, "npm").then(res => {
  analysis_results = res; // Object containing the analysis results
})
.catch(err => {
  console.log(err); // Print error 
});

Test

The example_project folder contains a project created using express-generator.

The file appcopy.js was added to be caught by jsinspect. In the package.json one extra vulnerable package was added.

To run the tests:

npm test-windows

or

npm test-linux

Name		Name	Last commit message	Last commit date
Latest commit History 77 Commits
__tests__		__tests__
analyzers		analyzers
bin		bin
example_project		example_project
examples		examples
utilities		utilities
.editorconfig		.editorconfig
.eslintrc		.eslintrc
.gitignore		.gitignore
.npmrc		.npmrc
LICENSE		LICENSE
README.md		README.md
analysis.js		analysis.js
badge-lines.svg		badge-lines.svg
cyclopt-eslint.json		cyclopt-eslint.json
package-lock.json		package-lock.json
package.json		package.json

License

cyclopt/jssa

Folders and files

Latest commit

History

Repository files navigation

jssa

Installation

Usage

Test

About

Resources

License

Stars

Watchers

Forks

Languages