Python codeql Projects
-
secure-code-game
A GitHub Security Lab initiative, providing an in-repo learning experience, where learners secure intentionally vulnerable code.
-
Pixeebot
Pixeebot finds security and code quality issues in your code and inbound pull requests and creates merge-ready pull requests with recommended fixes. Pixeebot integrates with third-party security tools such as Sonar, Semgrep, and CodeQL to automatically fix findings from each tool's scans.
Up your security skills with this in-repo learning experience. This season's game features five community-contributed challenges in JavaScript, Python, Go, and GitHub Actions. Start playing now.
Project mention: Show HN: Pixeebot – a GitHub App that fixes your Sonar findings (Java/Python) | news.ycombinator.com | 2024-03-25
https://github.com/pixee/pygoat/pull/2/files
The changes aren't all super fancy, but we're orienting towards solving real problems and remediating issues -- grunt work you don't want to have to do, but compliance says you should (and you probably should)!
Right now, we fix around 25 of the things that Sonar commonly finds (and a lot more that it doesn't find!). You can see the complete list of things we fix here:
https://docs.pixee.ai/codemods/overview/
I'll tell you, it's so much nicer to receive PRs than tool warnings.
To try it out:
1. Install the Pixeebot GitHub App on a Sonar-monitored GitHub repository
- https://github.com/apps/pixeebot
Index
# | Project | Stars
---|---|---
1 | secure-code-game | 1,888
2 | Pixeebot | -