Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Static analysis tool for javascript code based. Scanjs uses Esprima to convert sources to AST, then walks AST looking for patterns.
JavaScript CSS
branch: master

Merge pull request #5 from mozilla/master

Merge back from Mozilla repo
latest commit b72c991c18
@pauljt authored

README.md

scanjs

  • Static analysis tool for javascript codebases. Scanjs uses Acorn to convert sources to AST, then walks AST looking for patterns.
  • Works on both client and server side

Client-side instructions

  • git clone https://github.com/mozilla/scanjs.git
  • node server.js
  • Navigate to scanjs/client/ or see our example page

Server-side instructions

  • Install node.js
  • git clone https://github.com/mozilla/scanjs.git
  • cd scanjs
  • npm install
  • node scanner.js -t DIRECTORY_PATH

Testing instructions

We use the mocha testing framework. node server.js


To add tests, create a new file in ```/tests/cases/``` and following the naming
convention, which should be obvious. For example, our rule named .innerHTML
lives in ```/tests/cases/innerhtml.js```.

From there, add the new test case to ```/tests/index.html```. In our
example, that would involve adding a ```<script src='/tests/cases/innerhtml.js'></script>```.
Something went wrong with that request. Please try again.