GitLab SAST reporter for NodeJS
lib
.dockerignore
.editorconfig
.eslintrc.yml
.gitignore
Dockerfile
README.md
package-lock.json
package.json
scan.js


GitLab SAST for NodeJS

This project uses eslint-plugin-security to scan and report security issues.

Usage: scan [options] <path ...>

Options:

  -v, --version         output the version number
  -o, --out <filename>  output filename, defaults to gl-sast-report.json
  -h, --help            output usage information

How to use

NPX

npx gitlab-sast-nodejs path1 path2

NPM

npm i -g gitlab-sast-nodejs

Docker

Using Docker you can simply mount two volumes in the container, e.g.:

docker run --rm -it -v "$(pwd)/src":/src/code -v "$(pwd)":/output sast

This scans the src/ subfolder and writes the result to the root of your project.