Skip to content

Commit

Permalink
test: security scan
Browse files Browse the repository at this point in the history 
- 'npm run test:redos' now scans for REDOS issues
- added a Travis stage for 'security scan'

Fixes: #1201 (a step towards it, anyway)
  • Loading branch information
@davisjam
davisjam committed Apr 17, 2018
1 parent 4711f6b commit 02b1343
Show file tree
Hide file tree
Showing 3 changed files with 217 additions and 0 deletions.
4 changes: 4 additions & 0 deletions .travis.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,10 @@ jobs:
- node_js: lts/*
- node_js: node

- stage: security scan
script: npm run test:redos
node_js: lts/*

- stage: lint ✨
script: npm run test:lint
node_js: lts/*
Expand Down
211 changes: 211 additions & 0 deletions package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,7 @@
"eslint-plugin-node": "^5.2.1",
"eslint-plugin-promise": "^3.6.0",
"eslint-plugin-standard": "^3.0.1",
"eslint-plugin-vuln-regex-detector": "^1.0.4",
"front-matter": "^2.3.0",
"glob-to-regexp": "0.3.0",
"html-differ": "^1.3.4",
Expand All @@ -47,6 +48,7 @@
"test:gfm": "npm test -- test/specs/gfm/**/*-spec.js",
"test:old": "node test",
"test:lint": "eslint bin/marked .",
"test:redos": "eslint --plugin vuln-regex-detector --rule '\"vuln-regex-detector/no-vuln-regex\": 2' lib/marked.js",
"bench": "node test --bench",
"lint": "eslint --fix bin/marked .",
"build": "uglifyjs lib/marked.js -cm --comments /Copyright/ -o marked.min.js",
Expand Down

0 comments on commit 02b1343

Please sign in to comment.