JavaScript and TypeScript properties

The properties for the fortify-sca.properties file in the following table apply to the translation of JavaScript and TypeScript code.

Property name Description
com.fortify.sca.EnableDOMModeling

If set to true, OpenText SAST generates JavaScript code during the translation phase to model the DOM tree that an HTML file generates, and identifies DOM-related issues (such as cross-site scripting issues). Enable this property if the code you are translating includes HTML files that have embedded or referenced JavaScript code.

Enabling this property can increase the translation time.

Value type: Boolean

Default: false

com.fortify.sca.DOMModeling.tags

If you set the com.fortify.sca.EnableDOMModeling property to true, you can specify additional comma-separated HTML tag names for OpenText SAST to include in the DOM modeling.

Value type: String

Default: body, button, div, form, iframe, input, head, html, and p.

Example: com.fortify.sca.DOMModeling.tags=ul,li

com.fortify.sca.JavaScript.src.domain.whitelist

Specifies trusted domain names where OpenText SAST can download referenced JavaScript files for the scan. Delimit the URLs with vertical bars.

Value type: String

Default: (none)

Example: com.fortify.sca.JavaScript.src.domain.whitelist=http://www.xyz.com|http://www.123.org

com.fortify.sca.DisableJavascriptExtraction

If set to true, JavaScript code embedded in JSP, JSPX, PHP, and HTML files is not extracted and not scanned.

Value type: Boolean

Default: false

com.fortify.sca.EnableTranslationMinifiedJS

If set to true, enables translation for minified JavaScript files.

Value type: Boolean

Default: false

com.fortify.sca.skip.libraries.ES6

com.fortify.sca.skip.libraries.jQuery

com.fortify.sca.skip.libraries.javascript

com.fortify.sca.skip.libraries.typescript

Specifies a list of comma- or colon-separated JavaScript or TypeScript technology library files that are not translated. You can use regular expressions in the file names. Note that the regular expression '(-\d\.\d\.\d)?' is automatically inserted before .min.js or .js for each file name included in the com.fortify.sca.skip.libraries.jQuery property value.

Value type: String

Defaults:

  • ES6: es6-shim.min.js,system-polyfills.js,shims_for_IE.js
  • jQuery: jquery.js,jquery.min.js, jquery-migrate.js,jquery-migrate.min.js, jquery-ui.js,jquery-ui.min.js, jquery.mobile.js,jquery.mobile.min.js, jquery.color.js,jquery.color.min.js, jquery.color.svg-names.js, jquery.color.svg-names.min.js, jquery.color.plus-names.js, jquery.color.plus-names.min.js, jquery.tools.min.js
  • javascript: bootstrap.js,bootstrap.min.js,typescript.js,typescriptServices.js
  • typescript: typescript.d.ts,typescriptServices.d.ts
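
The pattern insertion described above for com.fortify.sca.skip.libraries.jQuery, as an added example (not OpenText code) for checking which files a skip list leaves out of translation. It assumes each entry is applied as a full-match regular expression against the file's base name; the function names, sample paths and shortened default list are constructed for illustration.

```javascript
// Added example: models the documented pattern insertion. The matching
// semantics (full match on the base file name) are an assumption.
const VERSION_RE = String.raw`(-\d\.\d\.\d)?`;

// Split a property value on commas or colons, as the description allows.
function parseSkipList(value) {
  return value.split(/[,:]/).map(s => s.trim()).filter(Boolean);
}

// Insert the version pattern before ".min.js" or ".js" (jQuery list only).
function expandJQueryEntry(entry) {
  const m = entry.match(/^(.*?)(\.min\.js|\.js)$/);
  return m ? m[1] + VERSION_RE + m[2] : entry;
}

// Return the skip-list entries that match a file's base name.
function matchingEntries(propertyValue, filePath, isJQueryList) {
  const base = filePath.split(/[\\/]/).pop();
  return parseSkipList(propertyValue).filter(entry => {
    const pattern = isJQueryList ? expandJQueryEntry(entry) : entry;
    return new RegExp('^' + pattern + '$').test(base);
  });
}

// Constructed sample: a subset of the jQuery default list and made-up paths.
const JQUERY_DEFAULT = 'jquery.js,jquery.min.js, jquery-ui.js,jquery-ui.min.js';
const files = [
  'static/js/jquery.min.js',
  'static/js/jquery-3.6.0.min.js',
  'static/js/jquery-1.12.4.js', // "12" has two digits; \d matches only one
  'static/js/jquery.custom.js',
];
for (const f of files) {
  const hits = matchingEntries(JQUERY_DEFAULT, f, true);
  console.log(f, hits.length ? 'skipped by ' + hits.join(',') : 'translated');
}
```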

com.fortify.sca.follow.imports

If set to true, files included with an import statement are included in the translation.

Value type: Boolean

Default: true

com.fortify.sca.exclude.node.modules

If set to true, files in a node_modules directory are excluded from the analysis phase.

Value type: Boolean

Default: true

com.fortify.sca.exclude.unimported.node.modules

Specifies whether to exclude source code in a node_modules directory. If set to true, only imported node_modules are included in the translation.

This property is only applied if com.fortify.sca.exclude.node.modules is set to false.

Value type: Boolean

Default: true
