3 个仓库
Scans Ruby source files for security vulnerabilities using pattern matching and cross-file data flow analysis.
Distinct from Source Code Vulnerability Scanning: Distinct from Source Code Vulnerability Scanning: focuses specifically on Ruby codebases, including .rb, .erb, .haml, .rhtml, .slm files.
Explore 3 awesome GitHub repositories matching security & cryptography · Ruby Static Analysis. Refine with filters or upvote what's useful.
Snyk is an application security testing platform designed to identify and remediate vulnerabilities across source code, open-source dependencies, container images, and infrastructure-as-code configurations. It functions as a comprehensive security workflow automation tool, utilizing a static analysis engine and dependency graph mapping to detect security flaws and license compliance issues throughout the software development lifecycle. The platform distinguishes itself through agentic workflow orchestration and an automated remediation pipeline that generates and submits pull requests to patc
Scans Ruby source code for security vulnerabilities using pattern matching and cross-file data flow analysis.
The Snyk CLI is a command-line security scanner that detects known vulnerabilities across open-source dependencies, proprietary application code, container images, and infrastructure-as-code configuration files. It also serves as a platform management tool, allowing users to configure organizations, users, SSO, and reporting from the terminal rather than the web dashboard. The CLI integrates directly into development workflows, enabling scanning within IDEs, build pipelines, and version control systems. It implements static analysis with interfile data flow analysis to find complex security f
Scans Ruby source files for security vulnerabilities using cross-file static analysis.
本项目是一个针对 Ruby on Rails 的静态分析工具和 Linter,旨在识别架构异味和最佳实践违规。它充当 Rails 应用的代码质量 Linter、架构审计员、安全扫描器和性能分析器。 该工具评估控制器、模型和视图模板之间的关注点分离,以减少技术债务。它识别次优的编码模式并强制执行风格一致性,同时专门扫描安全漏洞,如模型中未受保护的批量赋值。 分析范围涵盖检测低效的数据库查询和内存密集型数据检索模式。它还审计路由设计、验证记录持久化,并识别不当的错误处理和时区配置错误。 用户可以通过配置文件定义要启用或禁用的代码检查来管理分析。
Scans Ruby on Rails source code to identify architectural smells, bugs, and best practice violations.