def main():
    """Command-line entry point for nodejsscan.

    Accepts ``-f/--file`` (one or more files), ``-d/--directory`` (one or
    more directories), ``-o/--output`` (JSON report path handed to
    output()) and ``-v/--version``. A directory scan takes precedence over
    a file scan when both are given; ``-v`` is only honoured when neither
    scan target is present; with no arguments the help text is printed.
    """
    cli = argparse.ArgumentParser()
    cli.add_argument("-f", "--file", nargs='+',
                     help="Node.js file(s) to scan", required=False)
    cli.add_argument("-d", "--directory", nargs='+',
                     help="Node.js source code directory/directories to scan",
                     required=False)
    cli.add_argument("-o", "--output",
                     help="Output file to save JSON report", required=False)
    cli.add_argument("-v", "--version",
                     help="Show nodejsscan version", required=False,
                     action='store_true')
    opts = cli.parse_args()

    # Guard-clause dispatch: first matching mode wins, in this fixed order.
    if opts.directory:
        output(opts.output, scan_dirs(opts.directory))
        return
    if opts.file:
        output(opts.output, scan_file(opts.file))
        return
    if opts.version:
        print("nodejsscan v" + settings.VERSION)
        return
    cli.print_help()
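def execute(self):
    """
    Run the njsscan scanner over the configured code tree.

    Reads ``self.config["code"]`` (scan root) and ``self.config["excludes"]``
    (a list, or a comma-separated string, of paths relative to the root;
    an entry ending in os.sep denotes a directory). Every file under the
    root that is not excluded is collected via os.walk, the whole list is
    passed to njsscan.scan_file() in one call, and the raw result is handed
    to parse_findings() and self.save_intermediates().

    Returns None. Logs an error and returns early when njsscan is not
    importable. Exceptions raised by the scanner propagate to the caller
    after the builtin print() has been restored.
    """
    # Check if we are running inside SAST container
    if njsscan is None:
        log.error("NodeJsScan is not installed in this environment")
        return

    # Replace print function to hide njsscan print()s.
    # NOTE: this swap is process-wide, so anything else that calls print()
    # while the scan runs (other threads included) is redirected to
    # log.debug as well; it is undone in the finally below.
    original_print = print
    builtins.print = lambda *args, **kwargs: log.debug(" ".join(
        [str(item) for item in args]))
    try:
        # Prepare excludes
        excludes = self.config.get("excludes", list())
        if not isinstance(excludes, list):
            excludes = [item.strip() for item in excludes.split(",")]
        log.debug("Excludes: %s", excludes)
        # NOTE(review): exclude entries are matched against os.sep-joined
        # relative paths, so "/"-style entries only match on POSIX hosts —
        # confirm the config contract if Windows runs are expected.

        # Collect files to scan
        scan_target = list()
        base = os.path.normpath(self.config.get("code"))
        for root, dirs, files in os.walk(base):
            # Normalize relative dir path. relpath() replaces the former
            # "slice len(base) characters off normpath(root)" approach: for
            # a root of "." normpath gives ".", but os.walk yields "./x",
            # which normpath collapses to "x", so the slice dropped the
            # first character of every sub-directory and excludes never
            # matched. relpath() yields "." for the root itself.
            subpath = os.path.relpath(root, base)
            if subpath == os.curdir:
                subpath = ""
            # Check if dir (or any parent) is in excludes
            skip_dir = any(
                item.endswith(os.sep) and subpath.startswith(item)
                for item in excludes
            )
            # Skip dir if needed. Every descendant of an excluded directory
            # is excluded by the prefix rule above, so pruning the walk here
            # changes nothing in scan_target and avoids descending into
            # large trees such as node_modules.
            if subpath + os.sep in excludes or skip_dir:
                log.debug("Skipping dir %s", root)
                dirs[:] = []
                continue
            # Iterate files
            for name in files:
                target = os.path.join(root, name)
                # Skip file if in excludes (direct match)
                if os.path.join(subpath, name) in excludes:
                    log.debug("Skipping file %s", target)
                    continue
                # Add to files to scan. os.walk does not follow symlinked
                # directories, but symlinked *files* are listed, so a link
                # pointing outside `base` is still read by the scanner.
                scan_target.append(target)
        # Run scanner
        result = njsscan.scan_file(scan_target)
    finally:
        # Restore print function
        builtins.print = original_print
    # Parse result
    parse_findings(result, self)
    # Save intermediates
    self.save_intermediates(result)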
# Usage example for the scanner module: both entry points take a list of
# paths. Only the single-file result is printed; the directory result is
# computed but otherwise unused here.
import core.scanner as njsscan

JS_DIR = './static/js'
JS_FILE = './static/js/jquery.min.js'

res_dir = njsscan.scan_dirs([JS_DIR])
res_file = njsscan.scan_file([JS_FILE])
print(res_file)