Search Results for "code scan"

Gitleaks is a fast, lightweight, portable, and open-source secret scanner for git repositories, files, and directories. With over 6.8 million docker downloads, 11.2k GitHub stars, 1.7 million GitHub Downloads, thousands of weekly clones, and over 400k homebrew installs, gitleaks is the most trusted secret scanner among security professionals, enterprises, and developers. Gitleaks-Action is our official GitHub Action. You can use it to automatically run a gitleaks scan on all your team's pull...

Coca is a toolbox that is design for legacy system refactoring and analysis, including call graph, concept analysis, api tree, and design patterns suggestions. Requirements: graphviz for dot file to image (such as svg, png). The easiest way to get coca is to use one of the pre-built release binaries which are available for OSX, Linux, and Windows on the release page.

...It works by applying configurable regular-expression patterns over commit contents (and merge history) and rejecting commits or merges that violate the policy. The tool includes hooks that integrate into git commit and git merge, as well as commands to list, add, or remove secret patterns, and to scan existing history for leaks. Teams often deploy it as part of their developer toolchain to enforce a security guardrail: you catch leaks early rather than discovering them later. It is also often used in CI pipelines or continuous code quality checks to detect in-flight vulnerabilities. While git-secrets is not a full secrets management system, it plays a key role in defense-in-depth by preventing accidental exposure in source.