Git-secrets is a security utility designed to prevent the accidental exposure of sensitive credentials by integrating automated scanning directly into the version control commit lifecycle. It functions as a commit scanner that evaluates staged files and commit messages against defined security policies before changes are finalized in a repository. The tool utilizes regular expression pattern matching to identify potential secrets and supports the registration of custom patterns to address specific organizational security requirements. To manage operational friction, it includes mechanisms for
Checks filenames to be committed against a library of filename rules to prevent sensitive files in Git
nodejsscan is a static analysis security tool and vulnerability detection engine designed to scan Node.js source code for security flaws and common coding vulnerabilities. It functions as a static application security testing tool that analyzes code without executing the program. The tool operates as a security linter that can be integrated into continuous integration pipelines to block insecure code from merging into main branches. It automates the auditing process through rule-based detection and pattern-based static analysis. The project provides capabilities for vulnerability alert autom
JavaScript security CLI that allow you to deeply analyze the dependency tree of a given package or local Node.js project.
Principalele funcționalități ale nodesecure/cli sunt: Static Code Analysis.
Alternativele open-source pentru nodesecure/cli includ: awslabs/git-secrets — Git-secrets is a security utility designed to prevent the accidental exposure of sensitive credentials by integrating… baba-s/uni-common-test-runner. bahmutov/ban-sensitive-files — Checks filenames to be committed against a library of filename rules to prevent sensitive files in Git. bearer/bearer — Bearer is a static analysis security testing tool and privacy compliance auditor. It identifies security… darrentsung/dtuirebuildvisualizer. ajinabraham/nodejsscan — nodejsscan is a static analysis security tool and vulnerability detection engine designed to scan Node.js source code…