A technical tale of NodeSecure - Chapter 2

This page summarizes the projects mentioned and recommended in the original post on dev.to

InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured
  • js-x-ray

    JavaScript & Node.js open-source SAST scanner. A static analyser for detecting most common malicious patterns 🔬.

    I'm back at writing for a new technical article on NodeSecure. This time I want to focus on the SAST JS-X-Ray 🔬.

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo
  • astexplorer

    A web tool to explore the ASTs generated by various parsers.

    I also quickly became familiar with the tool ASTExplorer which allows you to analyze the tree and properties for a specific code.

  • estree

    The ESTree Spec

    When I started the NodeSecure project I had almost no experience 🐤 with AST (Abstract Syntax Tree). My first time was on the SlimIO project to generate codes dynamically with the astring package (and I had also looked at the ESTree specification).

  • meriyah

    A 100% compliant, self-hosted javascript parser - https://meriyah.github.io/meriyah

    I discovered the package estree-walker from Rich Harris which was compatible with the EStree spec. Combined with the meriyah package this allows me to convert a JavaScript source into an ESTree compliant AST.

  • Node-Estree

    Complete and compliant ESTree spec implementation in TypeScript

    I also had fun re-implementing the ESTree Specification in TypeScript. It helped me a lot to be more confident and comfortable with different concepts that were unknown to me until then.

  • estree-ast-utils

    Discontinued Utilities for AST (ESTree compliant)

    Since i created my own set of AST utilities including getMemberExpressionIdentifier.

  • cli

    JavaScript security CLI that allow you to deeply analyze the dependency tree of a given package or local Node.js project. (by NodeSecure)

    When NodeSecure was a single project the AST analysis was at most a few hundred lines in two or three JavaScript files. All the logic was coded with if and else conditions directly in the walker 🙈.

  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • ESLint Understand By Doing Part 1: Abstract Syntax Trees

    2 projects | dev.to | 30 Mar 2023
  • ESLint: under the hood

    4 projects | dev.to | 7 Nov 2023
  • Building a JSON Parser from scratch with JS 🤯

    7 projects | dev.to | 1 Aug 2023
  • Criando um Parser de JSON do zero

    7 projects | dev.to | 24 Feb 2023
  • Speeding up the JavaScript ecosystem part 3 – eslint

    2 projects | news.ycombinator.com | 6 Feb 2023

Did you konow that JavaScript is
the 3rd most popular programming language
based on number of metions?