Translating JavaScript and TypeScript Code
You can analyze JavaScript projects that contain JavaScript, TypeScript, JSX, and TSX source files, as well as JavaScript embedded in HTML files.
Some JavaScript frameworks are transpiled (source-to-source compilation) to plain JavaScript. This generated code is optimized., minimized, or both. Therefore, you might want to exclude it from translation because it would be challenging to fix any vulnerabilities Fortify Static Code Analyzer might report in this code. Use the -exclude command-line option to manually exclude this type of code.
Fortify Static Code Analyzer does not translate minified JavaScript (*.min.js).
Note: When you translate JavaScript and TypeScript code, make sure that you specify all source files together in one invocation. Fortify Static Code Analyzer does not support adding new files to the file list associated with the build ID
Name of an application being analyzed. on subsequent invocations.
This section contains the following topics: