Esempio n. 1
def main():
    """Command-line entry point: parse options, then scan, print the version or show help."""
    parser = argparse.ArgumentParser()
    parser.add_argument(
        "-f", "--file",
        nargs='+',
        required=False,
        help="Node.js file(s) to scan",
    )
    parser.add_argument(
        "-d", "--directory",
        nargs='+',
        required=False,
        help="Node.js source code directory/directories to scan",
    )
    parser.add_argument(
        "-o", "--output",
        required=False,
        help="Output file to save JSON report",
    )
    parser.add_argument(
        "-v", "--version",
        required=False,
        action='store_true',
        help="Show nodejsscan version",
    )
    args = parser.parse_args()

    # Precedence when several options are given: directory scan, then file
    # scan, then version; with none of them the usage text is printed.
    if args.directory:
        output(args.output, scan_dirs(args.directory))
    elif args.file:
        output(args.output, scan_file(args.file))
    elif args.version:
        print("nodejsscan v" + settings.VERSION)
    else:
        parser.print_help()
Esempio n. 2
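 def execute(self):
     """Run njsscan over the configured code tree and record the findings.

     Reads ``self.config["code"]`` (scan root) and ``self.config["excludes"]``
     (list, or comma-separated string, of paths relative to the root; a
     trailing ``os.sep`` marks a directory). Excluded directories are pruned
     from the walk instead of being traversed and discarded, which matters
     for large trees such as dependency folders. The scan result is passed
     to ``parse_findings`` and ``self.save_intermediates``.

     Returns:
         None. Logs an error and returns early when njsscan is not importable.
     """
     # Check if we are running inside SAST container
     if njsscan is None:
         log.error("NodeJsScan is not installed in this environment")
         return
     # njsscan writes progress with print(); route it to the debug log.
     # NOTE: this swaps the process-wide builtin, so it is visible to every
     # thread until it is restored in the finally block.
     original_print = print
     builtins.print = lambda *args, **kwargs: log.debug(" ".join(
         [str(item) for item in args]))
     try:
         excludes = self._njsscan_excludes()
         log.debug("Excludes: %s", excludes)
         scan_target = self._njsscan_collect_targets(excludes)
         # Run scanner
         result = njsscan.scan_file(scan_target)
     finally:
         # Restore print function even if the scan raised
         builtins.print = original_print
     # Parse result
     parse_findings(result, self)
     # Save intermediates
     self.save_intermediates(result)

 def _njsscan_excludes(self):
     """Return the configured excludes as a list of stripped relative paths."""
     excludes = self.config.get("excludes", list())
     # A comma-separated string is accepted as well as a list
     if not isinstance(excludes, list):
         excludes = [item.strip() for item in excludes.split(",")]
     return excludes

 @staticmethod
 def _njsscan_dir_excluded(subpath, excludes):
     """Return True when *subpath* (relative dir, no leading sep) is excluded.

     A directory is excluded when it is listed with a trailing ``os.sep`` or
     when any of its parents is listed that way.
     """
     if subpath + os.sep in excludes:
         return True
     return any(
         item.endswith(os.sep) and subpath.startswith(item)
         for item in excludes
     )

 def _njsscan_collect_targets(self, excludes):
     """Walk the configured code root and return the file paths to scan.

     Args:
         excludes: relative paths as returned by ``_njsscan_excludes``.

     Returns:
         list[str]: absolute/normalized file paths under the code root that
         are not excluded directly or via an excluded directory.
     """
     scan_target = list()
     # NOTE(review): a missing "code" key makes normpath raise TypeError —
     # kept as-is so callers see the same exception as before.
     base = os.path.normpath(self.config.get("code"))
     for root, dirs, files in os.walk(base):
         # Normalize relative dir path (empty string for the root itself)
         subpath = os.path.normpath(root)[len(base):]
         if subpath.startswith(os.sep):
             subpath = subpath[len(os.sep):]
         if self._njsscan_dir_excluded(subpath, excludes):
             log.debug("Skipping dir %s", root)
             # Every child of an excluded dir is excluded too (prefix match),
             # so prune the walk rather than descend and discard.
             dirs[:] = []
             continue
         for name in files:
             target = os.path.join(root, name)
             # Skip file if in excludes (direct match)
             if os.path.join(subpath, name) in excludes:
                 log.debug("Skipping file %s", target)
                 continue
             scan_target.append(target)
     return scan_target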
Esempio n. 3
import core.scanner as njsscan
# Scan a directory tree and then a single file; paths are example values.
dir_targets = ['./static/js']
file_targets = ['./static/js/jquery.min.js']
res_dir = njsscan.scan_dirs(dir_targets)
res_file = njsscan.scan_file(file_targets)
print(res_file)