Static analysis tool for javascript code based. Scanjs uses Esprima to convert sources to AST, then walks AST looking for patterns.
JavaScript CSS
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.
client
common
tests
.gitignore
LICENSE
README.md
package.json
scanner.js
server.js
stackato.yml

README.md

scanjs

  • Static analysis tool for javascript codebases. Scanjs uses Acorn to convert sources to AST, then walks AST looking for patterns.
  • Works on both client and server side

Client-side instructions

  • git clone https://github.com/mozilla/scanjs.git
  • node server.js
  • Navigate to scanjs/client/ or see our example page

Server-side instructions

  • Install node.js
  • git clone https://github.com/mozilla/scanjs.git
  • cd scanjs
  • npm install
  • node scanner.js -t DIRECTORY_PATH

Testing instructions

We use the mocha testing framework. node server.js


To add tests, create a new file in ```/tests/cases/``` and following the naming
convention, which should be obvious. For example, our rule named .innerHTML
lives in ```/tests/cases/innerhtml.js```.

From there, add the new test case to ```/tests/index.html```. In our
example, that would involve adding a ```<script src='/tests/cases/innerhtml.js'></script>```.