CodeQL is a semantic code analysis engine and vulnerability scanning tool that treats source code as data. It utilizes a static analysis query language to define complex patterns and security vulnerabilities within a code graph database. The system represents source code as a relational database, enabling the execution of structural queries and data flow analysis. This approach allows for the detection of security flaws and coding errors across large-scale repositories. The tool provides capabilities for automated code auditing, static analysis security testing, and custom vulnerability dete
Open source local-first PR scanner that finds dead code, security bugs, secrets, quality regressions, and AI-code mistakes before merge. For first timers refer to https://duriantaco.github.io/skylos/repo-map/
Linter for dangerous Postgres migration patterns in Diesel and SQLx. Prevents downtime caused by unsafe schema changes.
Bearer is a static analysis security testing tool and privacy compliance auditor. It identifies security vulnerabilities, hard-coded secrets, and privacy risks in source code through static analysis and data flow tracing. The tool distinguishes itself by tracking the movement of sensitive data through code to identify leaks and by mapping personal and health-related information flows to generate evidence for privacy impact assessments. It also provides differential scanning for pull requests and uses fingerprint-based suppression to exclude known false positives from reports. The platform co
🐊 Pluggable and configurable JavaScript Linter, code transformer and formatter with superpowers 💪: built-in support of js, jsx, ts, markdown, yaml, toml, json and ignore. Write declarative codemods in a simplest possible way 😏
Las características principales de coderaiser/putout son: Code Analysis Frameworks, Code Analysis Platforms, Utility Plugins, Security and Vulnerability Scanning.
Las alternativas de código abierto para coderaiser/putout incluyen: github/codeql — CodeQL is a semantic code analysis engine and vulnerability scanning tool that treats source code as data. It utilizes… duriantaco/skylos — Open source local-first PR scanner that finds dead code, security bugs, secrets, quality regressions, and AI-code… ayarotsky/diesel-guard — Linter for dangerous Postgres migration patterns in Diesel and SQLx. Prevents downtime caused by unsafe schema changes. bearer/bearer — Bearer is a static analysis security testing tool and privacy compliance auditor. It identifies security… facebookarchive/pfff — Tools for code analysis, visualizations, or style-preserving source transformation. googleprojectzero/weggli — weggli is a fast and robust semantic search tool for C and C++ codebases. It is designed to help security researchers…