Improved local detection for Node.js modules
Background
Previously, the initial detection for Node.js on Linux systems, via plugin 178772, reported all Node.js modules and did not distinguish between top-level modules and those installed as dependencies. This often resulted in the output showing multiple installs of the same module. While this was technically correct, it caused some confusion about which modules could or could not be directly patched or updated by the user. Because Node.js is used by many web applications, the previous plugin output also bloated our users’ scan results.
Changes
To address these problems, optimize this detection, and reduce the size of the relevant scan artefacts, this plugin has been updated so that it now only reports top-level modules that are installed, while modules installed as dependencies are reported separately, via a CSV attachment in the plugin output. For Tenable Security Center, attachments in plugin outputs are not possible, so dependency modules will be reported as text output. These changes will provide focused customer advisement on the Node.js modules that can and should (when necessary) be updated.
During scanning, we have taken steps to optimize the commands this plugin runs, and how their outputs are stored and processed.
Impact
Users should expect to see smaller, more cohesive output for plugin 178772, as the plugin now only reports top-level modules that are installed. Modules installed as dependencies are now reported via a CSV attachment in the plugin output. In terms of scan performance and footprint, the changes made here have significantly reduced the relative size of the overall scan database, KB and logs associated with this plugin (attached in the output of plugin 84239, Debugging Log Report).
Impacted Plugins
Target Release Date
January 8, 2024
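One way to reproduce the top-level versus dependency split for a project tree on your own host, as an added example (not Tenable's plugin code; the announcement does not describe the plugin's logic). It assumes a module is top-level when it sits directly under the root `node_modules` and is declared in the root `package.json`; `walk`, `classify`, `toCsv`, `buildSample` and the CSV columns are hypothetical names.

```javascript
// Added example. Assumption: "top-level" = installed directly under the root
// node_modules AND declared in the root package.json; all else is a dependency.
const fs = require('fs');
const os = require('os');
const path = require('path');
// Yield every package under a node_modules folder, including @scope/name
// packages and copies nested inside other packages' node_modules.
function* walk(nmDir, depth = 0) {
  if (!fs.existsSync(nmDir)) return;
  for (const entry of fs.readdirSync(nmDir).sort()) {
    if (entry.startsWith('.')) continue; // .bin, .package-lock.json
    const dir = path.join(nmDir, entry);
    const dirs = entry.startsWith('@')
      ? fs.readdirSync(dir).sort().map((s) => path.join(dir, s)) : [dir];
    for (const d of dirs) {
      const manifest = path.join(d, 'package.json');
      if (fs.existsSync(manifest)) {
        const { name, version } = JSON.parse(fs.readFileSync(manifest, 'utf8'));
        yield { name, version, dir: d, depth };
      }
      yield* walk(path.join(d, 'node_modules'), depth + 1);
    }
  }
}

function classify(root) {
  const pkg = JSON.parse(fs.readFileSync(path.join(root, 'package.json'), 'utf8'));
  const declared = new Set(Object.keys({ ...pkg.dependencies, ...pkg.devDependencies }));
  const topLevel = [], dependencies = [];
  for (const m of walk(path.join(root, 'node_modules'))) {
    (m.depth === 0 && declared.has(m.name) ? topLevel : dependencies).push(m);
  }
  return { topLevel, dependencies };
}
// Render a module list as CSV (constructed column layout).
const toCsv = (mods, root) => ['name,version,path',
  ...mods.map((m) => [m.name, m.version, path.relative(root, m.dir)].join(','))].join('\n');
// Constructed sample tree: one declared module, one hoisted and one nested dependency.
function buildSample() {
  const root = fs.mkdtempSync(path.join(os.tmpdir(), 'nm-'));
  const put = (rel, obj) => {
    fs.mkdirSync(path.join(root, rel), { recursive: true });
    fs.writeFileSync(path.join(root, rel, 'package.json'), JSON.stringify(obj));
  };
  put('.', { name: 'app', version: '1.0.0', dependencies: { express: '^4' } });
  put('node_modules/express', { name: 'express', version: '4.18.2' });
  put('node_modules/qs', { name: 'qs', version: '6.11.0' });
  put('node_modules/express/node_modules/qs', { name: 'qs', version: '6.5.0' });
  return root;
}
```

In the sample tree the same module (`qs`) is installed twice at different versions; both copies land in the dependency list, and only `express` is reported as top-level.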
4 Replies
- matwol (Connect Contributor III)
Correct me if I am wrong, but to have a list in CSV in Security Center, a user would have to trigger a debugging scan?
- rmoody (Product Team)
Hi @Mateusz Wolanski,
You are correct. For now, the attachment will not be available in Tenable Security Centre. We are aware of this issue, and are currently investigating alternative approaches to solve this, but it may not be ready for the January 8 release date. If not, we will update the plugin again at a later date (to be confirmed).
Thank you very much for taking the time to post this!
- rmoody (Product Team)
Hello again @Mateusz Wolanski,
We have found a solution to this issue, so Tenable Security Centre will now display the dependency modules in the regular output, and not in an attached CSV. This will be included in today's release.
Thanks again for your time!
- matwol (Connect Contributor III)
Love it! Thank you! Can't wait for the details ;)