Commit 34c45bf

test: security scan
- 'npm run test:redos' now scans for REDOS issues
- added a Travis stage for 'security scan'
1 parent 3130e62 commit 34c45bf

3 files changed: +217 -0 lines changed

.travis.yml

Lines changed: 4 additions & 0 deletions
@@ -13,6 +13,10 @@ jobs:
1313
- node_js: lts/*
1414
- node_js: node
1515

16+
- stage: security scan
17+
script: npm run test:redos
18+
node_js: lts/*
19+
1620
- stage: lint ✨
1721
script: npm run test:lint
1822
node_js: lts/*
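
Review bot: The `security scan` stage is inserted ahead of `lint ✨`, and Travis runs stages in order and skips later ones once a stage fails, so any regex finding will also hide the lint results for the same build. If the scan is meant to gate merges that is acceptable, but consider placing it after the lint stage, or listing it under `allow_failures` until the scan is known to pass on `lib/marked.js`.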

package-lock.json

Lines changed: 211 additions & 0 deletions
Some generated files are not rendered by default.

package.json

Lines changed: 2 additions & 0 deletions
@@ -29,6 +29,7 @@
2929
"eslint-plugin-node": "^5.2.1",
3030
"eslint-plugin-promise": "^3.6.0",
3131
"eslint-plugin-standard": "^3.0.1",
32+
"eslint-plugin-vuln-regex-detector": "^1.0.4",
3233
"front-matter": "^2.3.0",
3334
"glob-to-regexp": "0.3.0",
3435
"html-differ": "^1.3.4",
@@ -47,6 +48,7 @@
4748
"test:gfm": "npm test -- test/specs/gfm/**/*-spec.js",
4849
"test:old": "node test",
4950
"test:lint": "eslint bin/marked .",
51+
"test:redos": "eslint --plugin vuln-regex-detector --rule '\"vuln-regex-detector/no-vuln-regex\": 2' lib/marked.js",
5052
"bench": "node test --bench",
5153
"lint": "eslint --fix bin/marked .",
5254
"build": "uglifyjs lib/marked.js -cm --comments /Copyright/ -o marked.min.js",
