cpg
A library to extract Code Property Graphs from C/C++, Java, Go, Python, Ruby and every other language through LLVM-IR.
Hey everyone! We’ve been working on a static code analysis tool to map out where user data is flowing at the code level and catch potential privacy violations; you can check it out here: https://github.com/monoid-privacy/monoid/tree/master/monoid-...
The goal here is to “shift privacy left” and make it easier to find potential privacy headaches, like user data leaking into logs, earlier in the software lifecycle. The tool slots easily into CI/CD for privacy checks on every commit, and can also be run ad-hoc via the CLI.
This was also a pretty exciting build from a technical perspective; OSS tooling around code graph generation and static analysis is pretty sparse (though https://github.com/Fraunhofer-AISEC/cpg offers a great foundation), so we built out a lot of code property graph generation + manipulation logic from the ground up.
Feedback would be much appreciated!