Best 7 Node.js static analysis tools

InsiderSec

A open source Static Application Security Testing tool (SAST) written in GoLang for Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C# and Javascript (Node.js).

java
mobile
kotlin
swift
dotnet
javascript
nodejs
csharp

Checkmarx CxSAST

Commercial Static Code Analysis which doesn't require pre-compilation.

apex
asp
c
cpp
csharp
go
groovy
html
java
javascript
mobile
nodejs
objectivec
perl
phonegap
php
python
ruby
scala
swift
vbnet
vbasic
vbscript
visualforce

NodeJSScan

NodeJsScan is a static security code scanner for Node.js applications.

javascript
nodejs

RIPS

A static source code analyser for vulnerabilities in PHP scripts.

php
java
nodejs

standard

An npm module that checks for Javascript Styleguide issues.

javascript
nodejs

Synopsys

A commercial static analysis platform that allows for scanning of multiple languages (C/C++, Android, C#, Java, JS, PHP, Python, Node.JS, Ruby, Fortran, and Swift).

c
ci
cpp
csharp
fortran
java
javascript
mobile
nodejs
php
python
ruby
swift

WhiteHat Application Security Platform

WhiteHat Scout (for Developers) combined with WhiteHat Sentinel Source (for Operations) supporting WhiteHat Top 40 and OWASP Top 10.

java
csharp
aspnet
php
javascript
nodejs
objectivec
mobile
html
typescript