Introduction

rnsec is an open-source static analysis security scanner built specifically for React Native and Expo applications. It performs comprehensive security audits without executing code, analyzing the Abstract Syntax Tree (AST) and file contents to identify vulnerabilities, exposed secrets, and security misconfigurations.

Privacy First

All scanning happens locally on your machine. Your code never leaves your system. Zero data collection, zero external API calls.

Key Characteristics

  • Privacy-First: All scanning happens locally on the developer's machine
  • Zero Configuration: Works out-of-the-box with a single command
  • Fast Performance: Scans entire codebases in seconds using parallel AST parsing
  • Comprehensive Coverage: 68+ security rules across 13 categories
  • CI/CD Ready: JSON output and exit codes for pipeline integration
  • Beautiful Reports: Interactive HTML dashboard with filtering and detailed findings

Key Features

  • AST-Based Analysis: Deep code inspection using Abstract Syntax Trees
  • 68+ Security Rules: Comprehensive vulnerability detection across 13 categories
  • Interactive Reports: Beautiful HTML dashboard with filtering
  • Lightning Fast: Scan entire codebases in seconds
  • CI/CD Integration: GitHub Actions, GitLab CI, Jenkins support
  • Zero Config: Works immediately with sensible defaults

Requirements

  • Node.js 14+
  • npm or yarn
  • Works on macOS, Linux, and Windows
© 2025 rnsec • Open source security