Projects with this topic
This project sets up Static Application Security Testing (SAST) in a GitLab CI/CD pipeline using two tools:
NJSScan → A security scanner specialized for JavaScript applications. It analyzes source code and flags insecure coding patterns and vulnerabilities.
Semgrep → A lightweight, multi-language static analysis tool that uses rulesets (such as p/javascript) to detect vulnerabilities, insecure practices, and style issues across different programming languages.