Reshift is a lightweight JavaScript security plugin for NPM that quickly finds vulnerabilities, offers multiple code remediation snippets and DevSec coaching to help build more secure code.
The plugin is for JavaScript developers looking to integrate security seamlessly into their software development practices. Reshift is wholly focused on security, allowing developers to meaningfully shift left - fixing security bugs early on.
- A curated list of JavaScript security checks, vetted by security experts
- Rich developer-centric issue descriptions
- DevSec coach and remediation assitance
- Additional vulnerability resources
NOTE: Javascript scanning is only availabe to a closed beta group. To join the waitlist visit reshiftsecurity.com and #.
Visit our documentation for help setting up NPM https://docs.reshiftsecurity.com/integrations/npm.
$ npm install -g @reshiftsecurity/reshift-plugin-npmYou will need a reshift account to able to use this plugin. # for free here
Follow this instructions to on-board your git project and obtain your reshift token. You can then scan your project by running this command inside your project root:
$ reshift-scan -t <your reshift token here>For more optional parameters, use the help argument -h
$ reshift-scan -hHave more questions? Feel free to contact us