References

These are some references I used along with the ones mentioned implicitly in the report:

• https://hub.docker.com/_/sonarqube/
• https://medium.com/@rosaniline/setup-sonarqube-with-jenkins-declarative-pipeline-75bccdc9075f
• https://codebabel.com/sonarqube-with-jenkins/amp/
• https://github.com/xseignard/sonar-js
• https://discuss.bitrise.io/t/sonarqube-authorization-problem/4229/2
• https://www.sonarqube.org/
• https://docs.npmjs.com/cli/audit
• https://github.com/ajinabraham/NodeJsScan
• https://retirejs.github.io/retire.js/
• https://www.owasp.org/index.php/OWASP_Dependency_Check
• https://github.com/sonatype-nexus-community/auditjs
• https://github.com/snyk/snyk#cli
• https://github.com/nodesecurity/nsp
• https://github.com/dvolvox/JSpwn
• https://github.com/dpnishant/jsprime
• https://github.com/mozilla/scanjs