Open Issues Need Help
AI Summary: Enhance the existing JavaScript static analysis tool (@nodesecure/js-x-ray) to correctly identify and flag instances where the `fetch` API is re-assigned to a new variable, ensuring that the analysis accurately detects potential security vulnerabilities associated with the re-assigned `fetch` function.
JavaScript & Node.js open-source SAST scanner. A static analyser for detecting most common malicious patterns 🔬.
AI Summary: The task is to enhance the existing JavaScript static analysis tool, `@nodesecure/js-x-ray`, to detect and flag the use of `api.ipify.org` as a "shady-link" warning within the `isLiteral` probe. This involves modifying the code to identify this specific domain within string literals and trigger the appropriate warning.
AI Summary: Implement `initialize` and `finalize` callbacks in the `ProbeRunner` of a JavaScript static analysis tool to allow probes to execute code during the initialization and teardown phases of a `SourceFile`. The `initialize` callback should be prioritized. This involves modifying the existing `ProbeRunner` class and potentially refactoring existing probe code to utilize these new callbacks.