forked from globocom/huskyCI

Performing security tests inside your CI


spimpaov/huskyCI

 
 


huskyCI - Performing security tests inside your CI


huskyCI is an open source tool that performs security tests inside CI pipelines of multiple projects and centralizes all results into a database for further analysis and metrics.

How does it work?

The main goal of this project is to help development teams improve the quality of their code by finding vulnerabilities as soon as possible.

huskyCI can perform static security analysis on Python (Bandit and Safety), Ruby (Brakeman), JavaScript (RetireJS) and Golang (Gosec) code. Check our wiki to better understand how this tool can help secure your organization's projects!

Installing

The easiest way to deploy huskyCI locally is with Docker Compose, so you need Docker and Docker Compose installed on your machine. After cloning this repository, run:

make install

Running

Installation generates a .env file, which is needed to run huskyCI-client. Load it into your shell and start the client:

. .env 
make run-client

Contributing

Please read CONTRIBUTING.md for details on our code of conduct and the process for submitting pull requests to huskyCI.

Documentation

You can find huskyCI documentation here.

License

This project is licensed under the BSD 3-Clause "New" or "Revised" License. See the LICENSE.md file for details.


Languages

  • Go 89.4%
  • Shell 5.6%
  • Makefile 2.7%
  • Dockerfile 2.1%
  • JavaScript 0.2%