Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Static analysis tool for javascript code based. Scanjs uses Esprima to convert sources to AST, then walks AST looking for patterns.
JavaScript CSS
branch: master

Fetching latest commit…

Cannot retrieve the latest commit at this time

Failed to load latest commit information.
client
common
tests
.gitignore
LICENSE
README.md
package.json
scanner.js
server.js
stackato.yml

README.md

scanjs

  • Static analysis tool for javascript codebases. Scanjs uses Acorn to convert sources to AST, then walks AST looking for patterns.
  • Works on both client and server side

Client-side instructions

  • git clone https://github.com/mozilla/scanjs.git
  • node server.js
  • Navigate to scanjs/client/ or see our example page

Server-side instructions

  • Install node.js
  • git clone https://github.com/mozilla/scanjs.git
  • cd scanjs
  • npm install
  • node scanner.js -t DIRECTORY_PATH

Testing instructions

We use the mocha testing framework. node server.js


To add tests, create a new file in ```/tests/cases/``` and following the naming
convention, which should be obvious. For example, our rule named .innerHTML
lives in ```/tests/cases/innerhtml.js```.

From there, add the new test case to ```/tests/index.html```. In our
example, that would involve adding a ```<script src='/tests/cases/innerhtml.js'></script>```.
Something went wrong with that request. Please try again.