semgrep / semgrep-vscode
Semgrep extension for Visual Studio Code
☆56Updated this week
Alternatives and similar repositories for semgrep-vscode:
Users that are interested in semgrep-vscode are comparing it to the libraries listed below
- Documentation of Semgrep: a fast, open-source, static analysis tool.☆39Updated this week
- This project is deprecated. Use https://github.com/returntocorp/semgrep instead☆73Updated 10 months ago
- Feed parsing for language package manager updates☆76Updated 2 months ago
- SARIF Microsoft Visual Studio Code extension☆113Updated 4 months ago
- Manager of third-party sources of Semgrep rules 🗂☆78Updated 7 months ago
- ☆18Updated last year
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.☆38Updated 2 months ago
- A wrapper around jq, to help you parse jq output!☆30Updated 4 years ago
- Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities)☆23Updated 7 months ago
- Maturity Model Collaborative project☆14Updated last year
- ☆13Updated 4 months ago
- DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack.☆35Updated 3 years ago
- A React-based component for viewing SARIF files.☆91Updated 3 months ago
- A meta-database collecting resources that compile lists of breaches☆18Updated 3 months ago
- Salesforce Policy Deviation Checker☆30Updated 4 years ago
- ZAP Management Scripts☆22Updated this week
- SARIF Explorer: A VSCode extension that helps you visualize and triage static analysis results☆22Updated 3 weeks ago
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers…☆105Updated this week
- ☆28Updated 2 years ago
- Atom is a novel intermediate representation for applications and a standalone tool that is powered by chen.☆62Updated 3 weeks ago
- Dependency Combobulator☆89Updated last year
- A tool to check the security settings of Github Organizations.☆71Updated last year
- ☆22Updated 3 years ago
- ☆16Updated 8 months ago
- A place to systematically store software bill of materials (SBOM) documents.☆44Updated last year
- TSLint rules for Angular☆18Updated 6 years ago
- AWS STS token decoder☆37Updated 6 months ago
- Find which of your direct GitHub dependencies is susceptible to RepoJacking attacks☆58Updated 2 years ago
- A command line tool for detecting vulnerabilities in Python dependencies and doing safe package installs☆52Updated last year
- Generate thousands of pull requests to fix widespread security vulnerabilities across GitHub.☆34Updated 2 weeks ago