ajinabraham/njsscan issues and pull requests

#128 - comparison with semgrep

Issue - State: open - Opened by patsevanton 19 days ago

#127 - Add DefectDojo Output Format Support to njsscan

Pull Request - State: open - Opened by cdmx1 about 2 months ago - 1 comment

#126 - Explicit semgrep install

Pull Request - State: closed - Opened by ajinabraham 3 months ago

#125 - Sarif output validation issue on latest release

Issue - State: closed - Opened by luke88jones 3 months ago - 2 comments

#124 - Update description 3 rules: regex_injection_dos, generic_header_injection and generic_path_traversal

Pull Request - State: closed - Opened by sebasrevuelta 3 months ago - 1 comment

#123 - Sarif update

Pull Request - State: closed - Opened by ajinabraham 3 months ago

#122 - sarif qa

Pull Request - State: closed - Opened by ajinabraham 3 months ago

#121 - Bump semgrep to 1.86.0

Pull Request - State: closed - Opened by ajinabraham 3 months ago

#120 - Update xss_templates.yaml

Pull Request - State: closed - Opened by sebasrevuelta 4 months ago - 1 comment

#119 - Update open_redirect.yaml

Pull Request - State: closed - Opened by sebasrevuelta 4 months ago - 2 comments

#118 - Exclude hugo specific safe* keyword from squirrelly analysis

Pull Request - State: open - Opened by heurtematte 10 months ago - 5 comments

#117 - bump version + lint qa

Pull Request - State: closed - Opened by ajinabraham 10 months ago

#116 - Report showing XSS vulnerability even though the code is fixed.

Issue - State: closed - Opened by mahammadrafeek 10 months ago - 3 comments

#115 - Update nosql_find_injection.yaml to exclude sequelize's .findOne() false positives

Pull Request - State: closed - Opened by bleow 11 months ago

#114 - False Positive from `.findOne()` using Sequelize

Issue - State: closed - Opened by bleow 11 months ago - 4 comments

#113 - Update timing_attack_node.yaml

Pull Request - State: closed - Opened by sebasrevuelta 11 months ago

#112 - njsscan version bump for libsast performance improvements

Pull Request - State: closed - Opened by ajinabraham over 1 year ago

#111 - Bump semgrep + libsast

Pull Request - State: closed - Opened by ajinabraham over 1 year ago

#110 - Configuration options documentation

Issue - State: closed - Opened by luis-guimaraes-exoawk over 1 year ago - 2 comments

#109 - Issue in njsscan

Issue - State: closed - Opened by spmishra121 almost 2 years ago - 1 comment

#108 - Add owasp naming and fix cwe

Pull Request - State: closed - Opened by artem-fedorov about 2 years ago - 3 comments

#107 - [Snyk] Security upgrade python from 3.9-slim-buster to 3.11.0-slim

Pull Request - State: closed - Opened by ajinabraham about 2 years ago

#106 - node_insecure_random_generator any Math.random is suspected

Issue - State: closed - Opened by jonny64 about 2 years ago - 3 comments

#105 - node_password false positive

Issue - State: closed - Opened by jonny64 about 2 years ago - 1 comment

#104 - regex_injection_dos false positive

Issue - State: closed - Opened by jonny64 about 2 years ago - 1 comment

#103 - Add CodeQL workflow for GitHub code scanning

Pull Request - State: closed - Opened by lgtm-com[bot] about 2 years ago

#102 - .njsscan config - ignore-extensions not working as expected

Issue - State: closed - Opened by deividasm over 2 years ago - 2 comments

#101 - Eval backquote Vulnerability not detected

Issue - State: closed - Opened by LyesH4ck over 2 years ago - 2 comments

#100 - Pin njsscan dependencies

Issue - State: closed - Opened by disposedtrolley over 2 years ago - 1 comment

#99 - njsscan fails to scan projects containing symlinks

Issue - State: closed - Opened by disposedtrolley over 2 years ago - 2 comments
Labels: bug

#98 - 0.3.3

Pull Request - State: closed - Opened by ajinabraham over 2 years ago

#97 - Fixing offset issue to be imported in sonar

Pull Request - State: closed - Opened by JordanKergoat over 2 years ago - 1 comment

#96 - false positive for regex_injection_dos

Issue - State: closed - Opened by dogmatic69 over 2 years ago - 1 comment

#95 - Getting error while executing njsscan

Issue - State: closed - Opened by sumitsharma16 over 2 years ago - 13 comments

#94 - Version bump changes

Pull Request - State: closed - Opened by ajinabraham over 2 years ago

#93 - False positives with node_username

Issue - State: closed - Opened by snyamathi over 2 years ago - 1 comment

#92 - 'NoneType' object is not subscriptable

Issue - State: closed - Opened by d2bugs over 2 years ago - 2 comments

#91 - njsscan not running properly on MaC

Issue - State: closed - Opened by rohitcoderCdefense over 2 years ago - 3 comments

#90 - future request: Add junit format output

Issue - State: closed - Opened by armanbaghajyan almost 3 years ago - 1 comment

#89 - --html no longer works?

Issue - State: closed - Opened by erzz almost 3 years ago - 3 comments

#88 - Getting error with -o option, if output path has spaces and special characters in directory name

Issue - State: closed - Opened by psandeep09 almost 3 years ago - 1 comment

#87 - Import 3rd party rules

Issue - State: closed - Opened by nbeguier almost 3 years ago - 1 comment

#86 - export as static html

Issue - State: closed - Opened by dberardo-com almost 3 years ago - 1 comment

#85 - SQL injections are no longer detected

Issue - State: closed - Opened by ronnn almost 3 years ago - 8 comments

#84 - Rule QA community feedback

Issue - State: open - Opened by ajinabraham about 3 years ago

#83 - Faulty node_nosqli_injection ??

Issue - State: open - Opened by designamx about 3 years ago - 3 comments

#82 - False positive in sql injection rule

Issue - State: closed - Opened by wallali about 3 years ago - 1 comment

#81 - squirrelly_template rule

Issue - State: closed - Opened by nbeguier about 3 years ago - 2 comments

#80 - node_username rule overly broad for ERROR

Issue - State: closed - Opened by jayvdb about 3 years ago - 2 comments

#78 - false positive for user input?

Issue - State: closed - Opened by dogmatic69 over 3 years ago - 4 comments

#77 - Support njsscan-ignore above the current line

Issue - State: closed - Opened by fabiohaertel over 3 years ago - 1 comment

#76 - SARIF output not compliant to specification

Issue - State: closed - Opened by StefanFl over 3 years ago - 3 comments

#75 - CWE-79 metadata inconsistency

Issue - State: closed - Opened by zricethezav over 3 years ago - 4 comments

#74 - We need new relaese

Issue - State: closed - Opened by kadir-taskiran over 3 years ago - 2 comments

#73 - angular rules?

Issue - State: closed - Opened by javixeneize over 3 years ago - 1 comment

#72 - SQLi False positive

Issue - State: closed - Opened by ajinabraham over 3 years ago - 1 comment

#71 - To investigate

Issue - State: closed - Opened by ajinabraham over 3 years ago - 1 comment

#70 - add severity-filter feature

Pull Request - State: closed - Opened by ansidorov over 3 years ago

#69 - Replicate Severity filter

Issue - State: closed - Opened by ajinabraham over 3 years ago - 2 comments

#68 - Error importing sonarqube report into sonar

Issue - State: closed - Opened by kmlp10 over 3 years ago - 6 comments

#67 - Refactor tests

Pull Request - State: closed - Opened by ajinabraham over 3 years ago

#66 - TypeScript support

Issue - State: closed - Opened by o8e over 3 years ago - 1 comment

#65 - Update nosql_find_injection to support ES6 syntax

Pull Request - State: closed - Opened by CharlyJazz over 3 years ago

#64 - Support njsscan-ignore for templates

Pull Request - State: closed - Opened by ajinabraham over 3 years ago

#63 - njsscan-ignore in Handlebars template

Issue - State: closed - Opened by takemyoxygen over 3 years ago - 3 comments

#62 - Add ability to know which files are being scanned.

Issue - State: closed - Opened by vsviridov over 3 years ago - 1 comment

#61 - Resource not accessible by integration

Issue - State: closed - Opened by aravindvnair99 over 3 years ago - 4 comments

#60 - Something wrong with docker image

Issue - State: closed - Opened by melnikaite almost 4 years ago - 6 comments

#59 - [Feature-request] output report as html

Issue - State: closed - Opened by a-boulafia almost 4 years ago - 2 comments

#58 - Update Semgrep, Max File Size, and Sequelize rules

Pull Request - State: closed - Opened by ajinabraham almost 4 years ago

#57 - TypeScript support

Issue - State: closed - Opened by zakrush almost 4 years ago - 1 comment

#56 - Update rule file name

Issue - State: closed - Opened by ajinabraham almost 4 years ago

#55 - eval trigger

Issue - State: closed - Opened by zakrush almost 4 years ago - 2 comments

#54 - njsscan: command not found

Issue - State: closed - Opened by slaffcheff almost 4 years ago - 1 comment

#53 - compiled typescript string enums not allowed

Issue - State: closed - Opened by marcosdipaoloSV almost 4 years ago - 2 comments

#52 - Version Bump

Pull Request - State: closed - Opened by ajinabraham almost 4 years ago

#51 - Speed up contrib.nodejsscan.jwt_exposed_data.jwt_exposed_data

Pull Request - State: closed - Opened by nbrahms almost 4 years ago - 1 comment

#50 - TypeError: 'NoneType' object is not subscriptable

Issue - State: closed - Opened by zain-CSsol almost 4 years ago - 4 comments

#49 - change license to lgpl 3

Issue - State: closed - Opened by ajinabraham about 4 years ago - 1 comment

#48 - [Feature-request] Be able to supply a .njsscan config file instead of having it at the source directory root

Issue - State: closed - Opened by Matthew-Smith about 4 years ago - 2 comments

#47 - [Feature-request] Make the suppress findings comment more descriptive

Issue - State: closed - Opened by Matthew-Smith about 4 years ago - 2 comments

#46 - njsscan version bump

Pull Request - State: closed - Opened by ajinabraham about 4 years ago

#45 - Config file for pyup.io

Pull Request - State: closed - Opened by pyup-bot about 4 years ago

#44 - Initial Update

Issue - State: closed - Opened by pyup-bot about 4 years ago

#43 - Plain text format mode

Pull Request - State: closed - Opened by baudehlo about 4 years ago - 5 comments

#42 - Change to INFO

Issue - State: closed - Opened by ajinabraham about 4 years ago - 1 comment

#41 - Showing Info severity issues

Issue - State: closed - Opened by islasjuanp about 4 years ago - 2 comments

#40 - Should cookie_session_no_expires rule recognise maxAge property?

Issue - State: closed - Opened by fierydrake about 4 years ago - 4 comments

#39 - Add crypto rule

Issue - State: closed - Opened by ajinabraham about 4 years ago - 1 comment

#38 - Knex support

Issue - State: closed - Opened by adrianhelvik about 4 years ago - 2 comments
Labels: enhancement

#37 - "Semantic grep" seems to stop randomly without any output

Issue - State: closed - Opened by joelngwt about 4 years ago - 6 comments

#36 - Release Notes

Issue - State: closed - Opened by zricethezav about 4 years ago - 2 comments

#35 - SARIF + Version Bump

Pull Request - State: closed - Opened by ajinabraham about 4 years ago

#34 - Fix docker run command in README.md

Pull Request - State: closed - Opened by koi8 over 4 years ago

#33 - Could not parse filename.ts as javascript

Issue - State: closed - Opened by L3m0nb4tt3ry over 4 years ago - 1 comment

#32 - semgrep update and rule qa

Pull Request - State: closed - Opened by ajinabraham over 4 years ago

#31 - httpOnly true by default

Issue - State: closed - Opened by ajinabraham over 4 years ago - 1 comment

#30 - Wrong CWE

Issue - State: closed - Opened by ajinabraham over 4 years ago

#29 - njsscan 0.1.4

Pull Request - State: closed - Opened by ajinabraham over 4 years ago

#28 - Faulty node_nosqli_injection flags?

Issue - State: closed - Opened by natlibfi-jonollil over 4 years ago - 3 comments

GitHub / ajinabraham/njsscan issues and pull requests