3 个仓库
Tools specifically for auditing security and identifying insecure patterns in Node.js applications.
Distinguishing note: No candidates specifically cover the auditing of Node.js source code security patterns.
Explore 3 awesome GitHub repositories matching security & cryptography · Node.js Security Auditing. Refine with filters or upvote what's useful.
该项目是一个用于 Vue.js 的 ESLint 插件和静态代码分析器。它提供了一套 Linting 规则,用于检测常见错误、验证模板和脚本,并在单文件组件中强制执行一致的编码标准。 该插件的特点在于分析脚本块和模板块之间的关系,以验证跨块属性的使用。它识别易出错的模式、检测已弃用的 API,并限制原始 HTML 渲染等危险模式,以防止安全漏洞。 其更广泛的功能涵盖了组件命名和结构的验证、社区驱动样式指南的强制执行,以及模板格式和表达式语法的标准化。它还包括对 JSX 的支持以及与外部解析器的集成。 该工具提供了多种 Linting 标准预设,范围从基础的错误预防到全面的一致性默认设置。
Identifies dangerous patterns in Vue.js templates, such as raw HTML rendering, to prevent security vulnerabilities.
nodejsscan is a static analysis security tool and vulnerability detection engine designed to scan Node.js source code for security flaws and common coding vulnerabilities. It functions as a static application security testing tool that analyzes code without executing the program. The tool operates as a security linter that can be integrated into continuous integration pipelines to block insecure code from merging into main branches. It automates the auditing process through rule-based detection and pattern-based static analysis. The project provides capabilities for vulnerability alert autom
Identifies insecure coding patterns and vulnerabilities within JavaScript and Node.js applications.
This project provides a comprehensive architectural framework and set of standardized patterns for building, securing, and scaling production-ready Node.js applications. It serves as a foundational guide for establishing consistent development workflows, operational observability, and reliable service integration across distributed software systems. The framework distinguishes itself by emphasizing a schema-first approach to API development, ensuring that interface definitions drive the creation of server stubs, client libraries, and type definitions. It promotes a cloud-native posture by int
Implements defensive coding, dependency scanning, and secret management to protect the software supply chain.