How to use GitLab SAST tool to detect simple DOM vulnerability?

This page summarizes the projects mentioned and recommended in the original post on /r/webdev
NodeJS Expressjs Sast staticanalysis Devsecops

InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured

  • njsscan

    njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.

    • That's the one! Rules are here: https://github.com/ajinabraham/njsscan/tree/master/njsscan/rules

  • security-products

    • Gitlab uses OSS analyzers for vulnerability detection. You will need to see what predefined rules are set up for the analyzers that were ran for the code in question. More than likely, these predefined rules will not detect everything. A POC will allow you to understand the limits of the provided rulesets, and you will need to customize your own rules for gaps that you find. You can find a list of analyzers here https://gitlab.com/gitlab-org/security-products/analyzers.

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • From Express.js to Fastify [part 1]

    1 project | dev.to | 22 Apr 2024

  • Hitchhiker's Guide to Moving from Relational Data to Events

    4 projects | news.ycombinator.com | 16 Dec 2023

  • express-session issues with firefox?

    1 project | /r/node | 10 Dec 2023

  • Stop using JSON Web Tokens for user sessions

    3 projects | news.ycombinator.com | 25 Nov 2023

  • So I spent 3.5 years making a game as a website...

    1 project | /r/webdevs_of_liberty | 7 Nov 2023