Make rnsec the go-to security scanner for React Native developers worldwide - trusted, fast, and comprehensive.
Released: December 2024
- ✅ 63 comprehensive security rules
- ✅ Android & iOS platform-specific checks
- ✅ HTML & JSON reporting
- ✅ Zero-config CLI
- ✅ Debug context filtering
- ✅ 27+ API key patterns
Focus: Stability & Developer Experience
- Unit tests for all scanners (80% coverage target)
- Integration tests
- CI/CD pipeline (GitHub Actions)
- Automated releases
- ESLint configuration
- Prettier for code formatting
- Pre-commit hooks with Husky
- Commitlint for conventional commits
- Video tutorials
- Interactive examples
- API documentation
- Migration guides
Focus: More Rules & Better Accuracy
- SQL injection patterns
- GraphQL security issues
- Firebase misconfigurations
- AWS Amplify security checks
- React Navigation security
- Permissions over-requesting detection
- ML-based context detection
- Configurable rule severity
- Custom rule exclusions
- Whitelist file patterns
- Parallel file processing
- Incremental scanning
- Cache scan results
- 10x faster on large codebases
Focus: Flexibility & Integration
- .rnsecrc support (JSON/YAML)
- Rule enable/disable
- Custom severity levels
- Ignore patterns
- Team presets
- VS Code extension
- Real-time inline warnings
- Auto-fix suggestions
- Quick actions
- GitHub Actions marketplace action
- GitLab CI template
- CircleCI orb
- Bitbucket Pipelines
- SARIF output format
Focus: Extensibility & Community
- Custom rule plugins
- Community rule marketplace
- Plugin API documentation
- Example plugins
- Slack notifications
- Jira issue creation
- SonarQube integration
- Snyk integration
- Rule suggestions from community
- Public rule database
- Shared configurations
- Security benchmarks
Focus: Advanced Analysis & AI
- Data flow analysis
- Inter-procedural analysis
- Taint tracking
- Control flow analysis
- AI-assisted rule suggestions
- Natural language rule queries
- Auto-fix with AI
- Explain security issues with AI
- Online report viewer
- Team dashboards
- Trend analysis
- Security score tracking
- iOS/Android app for viewing reports
- Push notifications for new issues
- Team collaboration
Vote on features: https://github.com/adnxy/rnsec/discussions
- IDE Extensions (VS Code, IntelliJ)
- Custom rules without plugins
- SARIF format support
- Faster scanning
- Auto-fix capabilities
- Security training courses
- Best practices guide
- Common vulnerabilities explained
- Fix tutorials
- Self-hosted version
- SSO integration
- Advanced reporting
- Compliance reports (OWASP, PCI-DSS)
- Academic partnerships
- Vulnerability research
- Open security database
- CVE tracking
Have ideas? We'd love to hear them!
- Vote on existing features in Discussions
- Propose new features via Feature Request
- Contribute by picking up issues labeled good-first-issue or help-wanted
We measure success by:
- Adoption: npm downloads & GitHub stars
- Quality: False positive rate < 5%
- Performance: Scan 1000 files in < 1 second
- Community: Active contributors & discussions
- Impact: Vulnerabilities prevented in production apps
Last Updated: December 2024
Status: Active Development 🚀
For questions about the roadmap: adnanpoviolabs@gmail.com