Show HN: I built a PR listener and ruleset to detect malicious code in CI/CD https://ift.tt/5aMCm4l

February 25, 2025

Show HN: I built a PR listener and ruleset to detect malicious code in CI/CD https://ift.tt/5aMCm4l

Show HN: I built a PR listener and ruleset to detect malicious code in CI/CD I built a GitHub app that detects it in pull requests, notifies or blocks them. Alongside it, I published a Semgrep ruleset for any stage of the CI/CD. I started this after getting frustrated by all the FUD around malicious code - lots of noise, little effort to solve it. Having said that, it's still a major attack vector - a stored RCE, with the codebase itself as the sink. Feedback is appreciated. The app, PRevent - https://ift.tt/5nbAo2E The ruleset: https://ift.tt/v2jlkDs The research: https://ift.tt/O2Lgw7k... https://ift.tt/5nbAo2E February 26, 2025 at 12:52AM

Search This Blog

Hd mp4, Hollywood DVDRip Latest movies Bollywood Dual Audio,

Show HN: I built a PR listener and ruleset to detect malicious code in CI/CD https://ift.tt/5aMCm4l

Comments

Post a Comment

Popular Posts

Show HN: Computer Engineering for Babies (Book) https://t.co/JVBVS9tf7y Show HN: Computer Engineering for Babies (Book) https://t.co/flag31aVvy August 31, 2021 at 12:32AM https://t.co/rQFjtIJb9c

Show HN: Prompteus – Visual workflow builder for shipping better AI features https://ift.tt/G0cQ649