njsscan finds insecure code patterns in your node.js applications.
Add the following file .github/workflows/njsscan.yml to your node.js repositories in Github to enable njsscan in your CI/CD or DevSecOps pipeline.
name: njsscan
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]
jobs:
njsscan:
runs-on: ubuntu-latest
name: njsscan check
steps:
- name: Checkout the code
uses: actions/[email protected]
- uses: actions/[email protected]
with:
python-version: '3.12'
- name: nodejsscan scan
id: njsscan
uses: ajinabraham/njsscan-action@master
with:
args: '.'
name: njsscan
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]
jobs:
njsscan:
runs-on: ubuntu-latest
name: njsscan code scanning
steps:
- name: Checkout the code
uses: actions/[email protected]
- uses: actions/[email protected]
with:
python-version: '3.12'
- name: nodejsscan scan
id: njsscan
uses: ajinabraham/njsscan-action@master
with:
args: '. --sarif --output results.sarif || true'
- name: Upload njsscan report
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: results.sarif
For configuration, see: https://github.com/ajinabraham/njsscan#configure-njsscan