Skip to content
/ semhook Public

Combining Semgrep and Starhook to do on demand scanning of multiple repositories

License

Apache-2.0 license
0 stars 7 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

hoeg/semhook

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

82 Commits
.github
.github
 
 
client
client
 
 
cmd
cmd
 
 
internal
internal
 
 
rules
rules
 
 
test
test
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 

Repository files navigation

semhook

Combining Semgrep and Starhook to do on demand scanning of multiple repositories

Semhook is a web application. It serves the following endpoints:

/scan

/sync

/repo

/scan

POST request. Accepts a file containing the rule you want to run on all the repositories

/sync

GET request. Ensures all repositories are up to date

Getting started

Semgrep and Starhook must be available on the host.

Starhook with a configuration that syncs the repositories you want to run tests agains.

Set the environment variable SEMHOOK_REPO_ROOT=<rRepositories Directory> from the output of $ starhook config show.

TODO

  • Consider if options should be given to the scan
  • Initializing starhook remotely
  • list starhook configs and switch between them
  • cache results?

Pieced together with the help of ChatGPT <3

About

Combining Semgrep and Starhook to do on demand scanning of multiple repositories

Resources

Readme

License

Apache-2.0 license
Activity

Stars

0 stars

Watchers

1 watching

Forks

7 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages