Commit 7be77694 authored Nov 23, 2021 by Pierre Smeyers

Merge branch 'sarif-format' into 'master'

feat(nodejsscan): add SARIF output format

Closes #9

See merge request to-be-continuous/node!9

parents a5f5a1c6 b95ca310

README.md

+1 −1

Original line number	Diff line number	Diff line
		@@ -265,7 +265,7 @@ To activate the NodeJsScan, you need to set some VARIABLES
		\| --------------------- \| ----------------- \| ----------------- \|
		\| `NODEJSSCAN_ENABLED` \| Set to `true` to enable njsscan analysis \| _none_ (disabled) \|
		\| `NODEJSSCAN_IMAGE` \| njsscan image \| `opensecurity/njsscan:latest` \|
		\| `NODEJSSCAN_ARGS` \| njsscan [arguments](https://github.com/ajinabraham/njsscan#command-line-options) \| `-o reports/nodejsscan-report.txt` \|
		\| `NODEJSSCAN_ARGS` \| njsscan [arguments](https://github.com/ajinabraham/njsscan#command-line-options) \| _none_ \|

		## GitLab compatibility

kicker.json

+0 −1

Original line number	Diff line number	Diff line
		@@ -113,7 +113,6 @@
		{
		"name": "NODEJSSCAN_ARGS",
		"description": "njsscan [arguments](https://github.com/ajinabraham/njsscan#command-line-options)",
		"default": "-o reports/nodejsscan-report.txt",
		"advanced": true
		}
		]

templates/gitlab-ci-node.yml

+2 −2

Original line number	Diff line number	Diff line
		@@ -36,7 +36,6 @@ variables:

		# NodeJsScan
		NODEJSSCAN_IMAGE: 'opensecurity/njsscan:latest'
		NODEJSSCAN_ARGS: "-o reports/nodejsscan-report.txt"

		# NPM audit
		# deprecated - kept for retro-compatibility purpose
		@@ -320,7 +319,8 @@ node-js-scan:
		stage: test
		script:
		- mkdir -p reports
		- njsscan $NODEJSSCAN_ARGS ${NODE_SOURCE_DIR}
		- njsscan $NODEJSSCAN_ARGS -o reports/nodejsscan-report.txt ${NODE_SOURCE_DIR} \|\| true
		- njsscan $NODEJSSCAN_ARGS --sarif -o reports/nodejsscan-report-sarif.json ${NODE_SOURCE_DIR}
		artifacts:
		when: always
		name: "$CI_JOB_NAME artifacts from $CI_PROJECT_NAME on $CI_COMMIT_REF_SLUG"