Integrating NodeJsScan into CI/CD

What is nodejsscan?

NodeJsScan is an open source static code scanner used to find security flaws specifically in Node.js applications. It is powered by libsast and semgrep.

Tool type: SAST (Static Code Analysis)
License: Open Source
Languages: JavaScript (Node.js)
Site: https://github.com/ajinabraham/NodeJsScan

 

Pre-requisites

1. You'll need a Git address to scan

How do I set it up with Uleska?

nodejsscan needs no additional configuration, though you will need to Create a Custom Toolkit to use it. Once you've named your Custom Toolkit, Add nodejsscan and save your toolkit.


Once you've created your toolkit, you can use it to scan any Application Version in your Uleska system.
