Name	Name	Last commit message	Last commit date
parent directory ..
files-ccnumber	files-ccnumber
files-contents	files-contents
files-entropy	files-entropy
files-secrets	files-secrets
java-find-secbugs	java-find-secbugs
java-outdated-dependencies	java-outdated-dependencies
java-owasp	java-owasp
node-npmaudit	node-npmaudit
node-npmoutdated	node-npmoutdated
node-yarnaudit	node-yarnaudit
node-yarnoutdated	node-yarnoutdated
php-security-checker	php-security-checker
python-bandit	python-bandit
python-piprot	python-piprot
python-safety	python-safety
ruby-brakeman	ruby-brakeman
ruby-bundler-scan	ruby-bundler-scan
rust-cargoaudit	rust-cargoaudit
README.md	README.md
index.js	index.js

Name

Last commit message

Last commit date

java-outdated-dependencies

Modules

Appending modules is fairly straightforward by adding a subfolder that adheres to the following criteria:

Folder naming convention

Please adhere to the folder naming convention [language]-[tool], e.g. node-npmaudit.

index.js

This is the actual module

Exposes a key property by which it can be uniquely identified, typically the folder name
Exposes a description property with a meaningful explanation of what it is supposed to do
Exposes an enabled property that indicates whether this module should run by default. Modules that can produce many false positives should not run by default.
Exposes an asynchronous handles hook that resolves to true or false, indicating that this module can run on the target folder. The handles hook receives an instance of FileManager which acts as a proxy to the files within the target.
Exposes an asynchronous handles hook that resolves with an instance of ModuleResults that gathers the findings of this module. The handles hook receives an instance of FileManager which acts as a proxy to the files within the target.

'use strict'

const path = require('path')
const ModuleResults = require('../../results')
const exec = require('../../exec')

const key = __dirname.split(path.sep).pop()
module.exports = {
  /**
   * Module Metadata
   */
  key,
  description: 'Example of how to write a module and shell out a command',

  /**
   * Is the module enabled by default
   */
  enabled: false,

  /**
   * Determines whether the module is able to run on the target
   *
   * @param {FileManager} fm Proxy access to the files within the current scan context
   * @returns {Boolean} true if the module should run, false otherwise
   */
  handles: fm => true,

  /**
   * The actual execution of the module.
   *
   * @param {FileManager} fm Proxy access to the files within the current scan context
   * @returns {Promise}
   */
  run: async fm => {
    const results = new ModuleResults(key)
    const { stdout } = exec.command('ls -al', { cwd: fm.target })
    results.low({ offender: '', code: 4, description: '', mitigation: '' })
    results.medium({ offender: '', code: 3, description: '', mitigation: '' })
    results.high({ offender: '', code: 2, description: '', mitigation: '' })
    results.critical({ offender: '', code: 1, description: '', mitigation: '' })

    return results
  }
}

Tests

Please co-locate your tests in the __tests__ subfolder and add all the necessary samples for unit testing the module therein.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

Modules

Folder naming convention

index.js

Tests

FilesExpand file tree

modules

Directory actions

More options

Directory actions

More options

Latest commit

History

modules

Folders and files

parent directory

README.md

Modules

Folder naming convention

index.js

Tests