Node-Estree
cli
Node-Estree | cli | |
---|---|---|
1 | 12 | |
11 | 367 | |
- | 0.0% | |
4.0 | 8.6 | |
13 days ago | 7 days ago | |
TypeScript | JavaScript | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Node-Estree
-
A technical tale of NodeSecure - Chapter 2
I also had fun re-implementing the ESTree Specification in TypeScript. It helped me a lot to be more confident and comfortable with different concepts that were unknown to me until then.
cli
-
Securizing your GitHub org
📢 By the way NodeSecure CLI has a first-class support of the scorecard.
-
JS-X-Ray 6.0
Those information are visible in the NodeSecure CLI interface:
-
📦 Everything you need to know: package managers
@nodesecure/cli, a CLI that allow you to deeply analyze the dependency tree of a given package or local Node.js project
-
Announcing NodeSecure Vulnera
Fun fact: its first contribution 🐤 on NodeSecure was also on the old version of the code Scanner that managed vulnerabilities.
- GitHub - NodeSecure/cli: JavaScript security CLI that allow you to deeply analyze the dependency tree of a given package or local Node.js project.
-
A technical tale of NodeSecure - Chapter 2
When NodeSecure was a single project the AST analysis was at most a few hundred lines in two or three JavaScript files. All the logic was coded with if and else conditions directly in the walker 🙈.
-
NodeSecure - What's new in 2022 ?
View on GitHub
-
Detect Marak Squires packages with NodeSecure
NodeSecure can now detect packages created by Marak and it will generate a global warning ⚠️.
-
Node-Secure v0.9.0
After more than ten long months of work we are finally there 😵! Version 0.9.0 has been released on npm 🚀.
-
Announcing new Node-Secure back-end
Nsecure
What are some alternatives?
meriyah - A 100% compliant, self-hosted javascript parser - https://meriyah.github.io/meriyah
catalyst - Catalyst is a set of patterns and techniques for developing components within a complex application.
kataw - An 100% spec compliant ES2022 JavaScript toolchain
estree - The ESTree Spec
estree-ast-utils - Utilities for AST (ESTree compliant)
rc - NodeSecure runtime configuration
estree-toolkit - Tools for working with ESTree AST
ci - NodeSecure tool enabling secured continuous integration
astexplorer - A web tool to explore the ASTs generated by various parsers.
js-x-ray - JavaScript & Node.js open-source SAST scanner. A static analyser for detecting most common malicious patterns 🔬.
scanner - ⚡️ A package API to run a static analysis of your module's dependencies. This is the CLI engine!