bearer | Incoming |
---|---|
18 | 42 |
1,753 | 309 |
4.6% | 0.3% |
9.5 | 4.2 |
9 days ago | about 1 month ago |
Go | Ruby |
Elastic License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
bearer
- Show HN: Bearer Code Security Scanner Add Support for Java, PHP, Go, and Python
- [Tool] An alternative to Brakeman for Security
My team and I released Bearer a couple of weeks ago, a newer open and free alternative to Brakeman to check your code for security and privacy risks. In addition to Ruby/Rails, we also cover your JS/TS code, which allows you to use a single solution for your whole Rails application.
- Brakeman VS bearer - a user suggested alternative
2 projects | 10 Jul 2023
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
- semgrep VS bearer - a user suggested alternative
2 projects | 10 Jul 2023
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
- Detecting sensitive data shared with OpenAI
Link to the Recipe https://github.com/Bearer/bearer/blob/main/pkg/classificatio...
- Show HN: TypeScript Security Scanner
Hi HN,
I’m Guillaume, the cofounder of Bearer, an Open Source SAST solution.
After launching a few weeks ago here on Hacker News with support for Ruby and JavaScript stacks, I’m happy to report we’ve just released a new version (v1.2) with TypeScript support!
In terms of code coverage, we use the same rules already implemented for vanilla JavaScript, but as usual, you can build your own.
The rules list is here: https://docs.bearer.com/reference/rules/
It’s a first version for TS, but we believe that thanks to the pre-existing JavaScript support it should already provide good insights.
If you have some TypeScript code, we would love for you to try it out and let us know in the comment below or on our Discord your experience and how we can improve the findings.
You can access the repo here: https://github.com/Bearer/bearer
Thank you again!
- Six security risk of user input in ruby code
It can be challenging to keep up with security best practices. In addition to watching for vulnerability reports, you can also run regular scans on your codebase with a SAST tool like Bearer CLI. It's a free and secure way to get practical security feedback on your Ruby code. Check it out on GitHub at bearer/bearer.
- Let’s scan DEV’s forem project with Bearer and analyze the results
Using open-source tools to test open-source projects feels like a great match. It wasn't until the other day that I remembered that the team behind DEV had open-sourced the bones of the site as Forem. To make it an even better match, the stack matches up nicely with the currently supported languages included in Bearer's new free and open-source security application security testing (SAST) tool. Unlike many security tools, this one is really focused on helping devs make sense of security concerns in an actionable way.
- How to scan your ruby or JS project for security improvements, for free.
Good news! There’s a free open-source tool that can scan your code, check for known risks, and give you a list of things that need fixing. All are sorted by how risky the code is—based on things like how sensitive the data is and how damaging a breach or leak would be. It’s called Bearer.
- Open-source Static Code Analysis tool with sensitive-data prioritization
Incoming
- Best practices for DB modifications MySQL
This article from HoneyBadger explains most relevant topics about Rails DB transactions.
- A guide to exception handling in Python
Honeybadger is a powerful error-monitoring tool for Python applications. Integrating an error monitoring service like Honeybadger into your development workflow provides numerous benefits for effectively managing exceptions. From real-time notifications and error grouping to rich diagnostics and trend analysis, Honeybadger equips you with the tools you need to quickly identify, investigate, and resolve errors and ultimately enhance the overall quality and reliability of your applications. To demo this, let's now explore some features and examples of integrating Honeybadger into your Python code.
- A list of SaaS, PaaS and IaaS offerings that have free tiers of interest to devops and infradev
honeybadger.io - Exception, uptime, and cron monitoring. Free for small teams and open-source projects (12,000 errors/month).
- Debugging an Application in Production
It sounds like you want to implement an exception monitoring tool like Honeybadger (my company), Sentry, or similar. They will tell you when someone encounters an error with your app, where the error occurred, and what the state of the app was (parameters, etc.) at the time of the error.
- Let’s scan DEV’s forem project with Bearer and analyze the results
You may wonder why this is a problem. In the case of this code, we're sending the user's username to a third-party service. While username isn't inherently sensitive data, it certainly has the potential to be and should be treated as such. It's better to use IDs that can't identify the user if the third party—in this case, honeybadger—is breached. You can see the full list of supported data types, sorted by category, on the docs.
- Exception Handling in JavaScript
Sign up on the Honeybadger website and click on ‘start free trial’, as shown in the following image.
- Have you ever been mad enough at a company treating you wrong that you thought about building your own solution? Well, back in 2012 we did that! This is the story of how three devs with an app have thrived amid an excess of venture-capital-backed competitors.
- Monitoring doesn't have to be so complicated. That's why we built the monitoring tool we always wanted: a tool that's there when you need it, and gets out of your way when you don't—so that you can keep shipping.
- Do you currently use one service for uptime monitoring, another for error tracking, another for status pages and yet another to monitor your cron jobs and microservices? Paying for all of those services separately may be costing you more than you think.
What are some alternatives?
Brakeman - A static analysis security vulnerability scanner for Ruby on Rails applications
Ahoy Email - First-party email analytics for Rails
KubeHound - Kubernetes Attack Graph
Griddler - Simplify receiving email in Rails
Scanners-Box - A powerful and open-source toolkit for hackers and security automation - a collection of open-source scanners developed in-house by security industry practitioners
Sup - A curses threads-with-tags style email client (mailing list: [email protected])
TSS - Threshold Secret Sharing - A Ruby implementation of Threshold Secret Sharing (Shamir) as defined in IETF Internet-Draft draft-mcgrew-tss-03.txt
Maily - 📫 Rails Engine to preview emails in the browser
SiRP - Secure (interoperable) Remote Password Auth (SRP-6a)
Mailman
BeEF - The Browser Exploitation Framework Project
Markerb