{"id":13652798,"url":"https://github.com/dowjones/reapsaw","last_synced_at":"2025-08-18T07:30:55.904Z","repository":{"id":147528332,"uuid":"199480644","full_name":"dowjones/reapsaw","owner":"dowjones","description":"Reapsaw is a continuous security devsecops tool, which helps in enabling security into CI/CD Pipeline. It supports coverage for multiple programming languages.","archived":false,"fork":false,"pushed_at":"2020-09-23T11:20:40.000Z","size":2734,"stargazers_count":41,"open_issues_count":2,"forks_count":15,"subscribers_count":12,"default_branch":"master","last_synced_at":"2025-08-03T14:40:55.320Z","etag":null,"topics":["appsec","continuous-security","devsecops","secure-coding"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dowjones.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2019-07-29T15:36:59.000Z","updated_at":"2024-10-25T02:00:35.000Z","dependencies_parsed_at":null,"dependency_job_id":"95a4c5d5-5450-4600-896d-732d0d1cc11d","html_url":"https://github.com/dowjones/reapsaw","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/dowjones/reapsaw","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dowjones%2Freapsaw","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dowjones%2Freapsaw/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dowjones%2Freapsaw/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dowjones%2Freapsaw/manifests","owner_url":
"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dowjones","download_url":"https://codeload.github.com/dowjones/reapsaw/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dowjones%2Freapsaw/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":270644739,"owners_count":24621332,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-15T02:00:12.559Z","response_time":110,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["appsec","continuous-security","devsecops","secure-coding"],"created_at":"2024-08-02T02:01:02.787Z","updated_at":"2025-08-18T07:30:55.459Z","avatar_url":"https://github.com/dowjones.png","language":"Python","readme":"![Reapsaw](docs/logo.png)\n## Reapsaw\n\n\n### Introduction\n\nDow Jones Reapsaw is our way to embed security testing within the SDLC. This helps to ensure that security testing is consistent and effective.\n\nReapsaw is an orchestration platform for various security tools (static and run-time) which helps in identifying different types of security bugs during the process (open source vulnerabilities, static code security bugs, insecure functions, secrets in code, authentication bypass, etc.).\nIt can be easily integrated into the already-established processes and tools in an organization's SDLC, bug trackers, source repositories and other testing tools. 
Being CI/CD friendly, once enabled within the CI pipeline, Reapsaw will help bring very high-fidelity, low-false-positive bugs into the developers' backlog. This enables quick feedback and provides developer-friendly recommendations on fixes.\n\n\n![Reapsaw](docs/execution-model.png)\n\nStatic application security testing (SAST) is a set of technologies designed to analyze application source code for coding and design conditions that are indicative of security vulnerabilities.\n\n### Documentation\n- [Wiki](https://github.com/dowjones/reapsaw/wiki)\n\n### Tests\n\n- see also [CONTRIBUTING](https://github.com/dowjones/reapsaw/blob/master/CONTRIBUTING.md)\n\n```\ntox -e install\ntox -e test\n```","funding_links":[],"categories":["Continuous Security Testing"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdowjones%2Freapsaw","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdowjones%2Freapsaw","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdowjones%2Freapsaw/lists"}