Releases: agrawalsmart7/scodescanner

v3.1.0

03 Jun 09:17

CHANGELOG:

  • Added YAML scanning capability
  • Better code
  • Reduced false positives
  • Improved command argument list
  • Added new YAML rules file - rules.yaml inside the rules/yaml directory.
  • Ignore low-hanging fruit by severity.
  • The YAML scanner can write its output as a formatted JSON file.

SCode Scanner v2.1.0

20 Apr 20:53
b392c7c

CHANGELOG:

  1. Improved code by removing unnecessary code.

  2. Improved Rules.

  3. Rules now track variables.
    Example:

      $var1 = $_GET['a'];
      $var2 = $_GET['b'];

      echo htmlspecialchars($var1); // ignored
      echo $var1; // matched

      $encryptedvalue = htmlspecialchars($var2);
      echo $encryptedvalue; // ignored

      echo $var2; // matched
    
  4. Added --check flag, which is responsible for removing false positives.

  5. Added Jira integration - the output file can now be sent directly to a Jira instance.

  6. Added Slack integration - the output file can be sent to a Slack channel.
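
The variable tracking described in item 3 above, as an added example (not scodescanner's own rules or code): a line-based taint tracker in Python run over that PHP snippet. All function and constant names are hypothetical, and treating any htmlspecialchars() call as cleaning the whole expression is a simplifying assumption.

```python
import re

# Constructed sample: the PHP snippet from changelog item 3.
SAMPLE_PHP = """\
$var1 = $_GET['a'];
$var2 = $_GET['b'];
echo htmlspecialchars($var1);
echo $var1;
$encryptedvalue = htmlspecialchars($var2);
echo $encryptedvalue;
echo $var2;
"""

SOURCE = re.compile(r"\$_(GET|POST|REQUEST|COOKIE)\b")   # request-controlled input
SANITIZER = re.compile(r"\bhtmlspecialchars\s*\(")       # HTML-escaping call
ASSIGN = re.compile(r"^\s*(\$\w+)\s*=\s*(.+?);\s*$")     # $name = <expr>;
ECHO = re.compile(r"^\s*echo\s+(.+?);\s*$")              # echo <expr>;
VAR = re.compile(r"\$\w+")


def is_tainted(expr, tainted):
    """True if expr carries request data that has not been escaped."""
    if SANITIZER.search(expr):  # assumption: the call wraps the whole expression
        return False
    if SOURCE.search(expr):
        return True
    return any(v in tainted for v in VAR.findall(expr))


def find_unescaped_echo(php_source):
    """Return (line_number, line) for every echo of unescaped request data."""
    tainted = set()
    findings = []
    for lineno, line in enumerate(php_source.splitlines(), start=1):
        assign = ASSIGN.match(line)
        if assign:
            name, value = assign.groups()
            if is_tainted(value, tainted):
                tainted.add(name)        # taint propagates through assignment
            else:
                tainted.discard(name)    # escaped or constant value clears it
            continue
        echo = ECHO.match(line)
        if echo and is_tainted(echo.group(1), tainted):
            findings.append((lineno, line.strip()))
    return findings
```

Calling `find_unescaped_echo(SAMPLE_PHP)` reports only the two bare `echo` lines, matching the "matched" and "ignored" cases in the changelog example.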

SCode Scanner

04 Mar 08:27
54fb804

This is an automated tool that scans PHP source code, with semgrep integration.