Support for ECMAScript about nodejsscan HOT 6 CLOSED

Are these scripts intended to run at server side using Node.js or at client side via browsers?

from nodejsscan.

ECMAScripts are just coding standards for javascript that is supported by Javascript Engine. If used in Node.js it will run on server side.

Nodejs ECMA : https://nodejs.org/en/docs/es6/

Below link is for client side but similar code can be used on server side.
https://www.w3schools.com/js/js_es6.asp

from nodejsscan.

NodeJsScan by design will try to avoid scanning JavaScript files meant for client side to avoid false positives.
I think, import has to be supported. But the big downside is, now it's difficult to distinguish between server side and client side JS.

from nodejsscan.

I will check if we can differentiate by some means.

from nodejsscan.

My 2¢ is that users of NodeJsScan tend to know the anatomy of their project well, and are in a good position to configure something to explicitly delineate which files are Node files and which are browser-targeted. We have some files that are isomorphic and run in both contexts, which will likely make any heuristic-based approach inaccurate. I'd be happy to configure the tool either via a config file or a CLI flag.

Another option might be to start at the entry-point for a project and traverse the included modules by looking at import and require statements, expanding the included files and assuming they're all Node files.

from nodejsscan.

We don't distinguish between client side/server side javascript now.
Take a look at our new CLI tool: https://github.com/ajinabraham/njsscan

from nodejsscan.