Thank you for your interest in contributing to rnsec!
# Clone the repository
git clone https://github.com/adnxy/rnsec.git
cd rnsec
# Install dependencies
npm install
# Build the project
npm run build
# Test it locally
npm link
rnsec scan examples/vulnerable-app
To report a bug, open an issue with:
- Clear description of the problem
- Steps to reproduce
- Expected vs actual behavior
- Your environment (OS, Node version)
To request a feature, open an issue with:
- Use case description
- Proposed solution
- Why it would be useful
- Fork the repository
- Create a branch: git checkout -b feature/your-feature
- Make your changes following the code structure
- Build: npm run build
- Test: Test with the example apps
- Commit: Use clear commit messages
- Push: git push origin feature/your-feature
- Open a PR with a clear description
New security rules are welcome! Place them in the appropriate scanner file in src/scanners/.
Example:
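// Rule, RuleContext, Finding and Severity are the project's own types (see src/types/)
const yourRule: Rule = {
  id: 'YOUR_RULE_ID',
  description: 'Clear description of the security issue',
  severity: Severity.HIGH,
  fileTypes: ['.js', '.jsx', '.ts', '.tsx'],
  apply: async (context: RuleContext): Promise<Finding[]> => {
    const findings: Finding[] = [];
    // Your detection logic: push one Finding for each issue found in the file
    return findings;
  },
};
- TypeScript with strict mode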
- Clear, descriptive variable names
- JSDoc comments for public functions
- Keep functions focused and small
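A filled-in version of the rule template above, added here as an illustration and not taken from rnsec's code: it flags cleartext http:// URL literals and keeps the detection logic in a small, separately testable function. The `Rule`, `RuleContext`, `Finding` and `Severity` definitions, the `filePath` and `fileContent` field names, and the rule id are assumptions standing in for the project's real types in src/types/.

```typescript
// Stand-in types (assumptions for this example; rnsec's own are in src/types/).
const Severity = { LOW: 'LOW', MEDIUM: 'MEDIUM', HIGH: 'HIGH' } as const;
type Severity = (typeof Severity)[keyof typeof Severity];
interface Finding { ruleId: string; severity: Severity; filePath: string; line: number; message: string }
interface RuleContext { filePath: string; fileContent: string } // hypothetical fields
interface Rule {
  id: string; description: string; severity: Severity; fileTypes: string[];
  apply: (context: RuleContext) => Promise<Finding[]>;
}

const RULE_ID = 'EXAMPLE_CLEARTEXT_HTTP'; // constructed id, not an existing rnsec rule
// Quoted http:// URL literal; loopback and Android emulator hosts are ignored as dev-only.
const CLEARTEXT_URL = /['"`]http:\/\/(?!localhost\b|127\.0\.0\.1\b|10\.0\.2\.2\b)[^'"`\s]+['"`]/;

/** Return one finding per non-comment line holding a cleartext HTTP URL literal. */
function findCleartextUrls(filePath: string, source: string): Finding[] {
  const findings: Finding[] = [];
  source.split(/\r?\n/).forEach((text, index) => {
    const code = text.trim();
    if (code.startsWith('//') || code.startsWith('*')) return; // skip // and JSDoc body lines
    if (CLEARTEXT_URL.test(code)) {
      findings.push({
        ruleId: RULE_ID, severity: Severity.HIGH, filePath, line: index + 1,
        message: 'Cleartext http:// URL: traffic can be read or modified in transit; use https://',
      });
    }
  });
  return findings;
}

const cleartextHttpRule: Rule = {
  id: RULE_ID,
  description: 'Endpoint or request uses a cleartext http:// URL',
  severity: Severity.HIGH,
  fileTypes: ['.js', '.jsx', '.ts', '.tsx'],
  apply: async (context: RuleContext): Promise<Finding[]> =>
    findCleartextUrls(context.filePath, context.fileContent),
};

// Constructed sample source file: only line 3 should be reported.
const sampleSource = [
  "// legacy: fetch('http://old.example.com/v1')",
  "const api = 'https://api.example.com';",
  "fetch('http://api.example.com/login', { method: 'POST' });",
  "const metro = 'http://localhost:8081';",
].join('\n');
cleartextHttpRule.apply({ filePath: 'src/api.ts', fileContent: sampleSource })
  .then((found) => console.log(found));
```

The line-based regex is a deliberate simplification; a rule that has to handle multi-line strings or block comments would work from the parsed AST instead.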
src/
├── cli/ # Command-line interface
├── core/ # Core engine (parser, walker, reporter)
├── scanners/ # Security rule implementations
├── types/ # TypeScript type definitions
└── utils/ # Utility functions
- Open an issue
- Email: adnanpoviolabs@gmail.com
By contributing, you agree that your contributions will be licensed under the MIT License.