{"id":29178361,"url":"https://github.com/zaydons/devscrub","last_synced_at":"2026-04-20T09:33:17.849Z","repository":{"id":302307945,"uuid":"1009945725","full_name":"zaydons/DevScrub","owner":"zaydons","description":"A comprehensive security scanning tool that combines traditional pattern matching with semantic analysis to detect vulnerabilities, secrets, and security issues across multiple programming languages and frameworks.","archived":false,"fork":false,"pushed_at":"2025-07-01T16:26:03.000Z","size":30,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-07-01T17:31:23.158Z","etag":null,"topics":["ci-cd","cli","devsecops","docker","javascript","open-source","python","security","static-analysis"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/zaydons.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-06-28T02:50:12.000Z","updated_at":"2025-07-01T17:21:41.000Z","dependencies_parsed_at":"2025-07-01T17:34:09.298Z","dependency_job_id":null,"html_url":"https://github.com/zaydons/DevScrub","commit_stats":null,"previous_names":["zaydons/devscrub"],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/zaydons/DevScrub","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zaydons%2FDevScrub","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zaydons%2FDevScrub/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zaydons%2FDevScrub/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zaydons%2FDevScrub/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/zaydons","download_url":"https://codeload.github.com/zaydons/DevScrub/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zaydons%2FDevScrub/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":263019621,"owners_count":23400934,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ci-cd","cli","devsecops","docker","javascript","open-source","python","security","static-analysis"],"created_at":"2025-07-01T18:46:08.925Z","updated_at":"2026-04-20T09:33:17.814Z","avatar_url":"https://github.com/zaydons.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# DevScrub 🔒\n\n**Advanced Security Scanner with Semantic Code Analysis**\n\nA comprehensive security scanning tool that combines traditional pattern matching with semantic analysis to detect vulnerabilities, secrets, and security issues across multiple programming languages and frameworks.\n\n## 🚀 Installation\n\n### Docker (Recommended)\n```bash\n# Build the Alpine-based image\n./scripts/build.sh\n```\n\n### Native Installation\n```bash\n# Install Python dependencies\npip install -r requirements.txt\n\n# Install additional tools (optional)\nnpm install -g yarn\n```\n\n## 📖 Usage\n\n### Docker (Recommended)\n```bash\n# Scan current directory\n./scripts/scan.sh\n\n# Scan specific project\n./scripts/scan.sh /path/to/project\n\n# Custom output format\n./scripts/scan.sh /path/to/project ./reports json\n./scripts/scan.sh /path/to/project ./reports html\n./scripts/scan.sh /path/to/project ./reports all\n\n# Direct Docker usage\ndocker run --rm -v /path/to/project:/scan:ro -v $(pwd)/reports:/reports devscrub-scanner\n```\n\n### Native Usage\n```bash\n# Scan current directory\npython3 -m src.security_scanner\n\n# Scan specific project\npython3 -m src.security_scanner /path/to/project\n\n# Custom format\npython3 -m src.security_scanner . --format json\npython3 -m src.security_scanner . --format html\npython3 -m src.security_scanner . --format all\n\n# Filter by severity\npython3 -m src.security_scanner . --severity high\n\n# Skip linting scans\npython3 -m src.security_scanner . --no-linting\n```\n\n## 🛠️ What It Scans\n\n### Security Tools\n- **Secret Detection**: TruffleHog, DeepSecrets, manual pattern matching\n- **Vulnerability Scanning**: Grype, Bandit, pip-audit, Semgrep\n- **SBOM Generation**: Syft for dependency inventory\n- **Code Quality**: Ruff, Pylint, npm audit, yarn audit, ESLint\n- **Container Security**: Trivy, Hadolint for Docker scanning\n- **Shell Security**: ShellCheck for shell script analysis\n\n### Supported Languages \u0026 Technologies\n- **Python**: Bandit (security), pip-audit (dependencies), Semgrep (SAST), Ruff (linting), Pylint (code quality)\n- **JavaScript/TypeScript**: npm audit, yarn audit, ESLint (linting)\n- **Docker**: Hadolint (Dockerfile linting), Trivy (container scanning)\n- **Shell Scripts**: ShellCheck (shell script analysis)\n- **General**: Semgrep (multi-language SAST), TruffleHog (secrets), DeepSecrets (semantic analysis)\n\n## 📊 Report Formats\n\n- **JSON**: Machine-readable detailed report with complete scan results\n- **HTML**: Interactive dashboard with filtering, documentation links (including Ruff, Pylint, Bandit, etc.), and CVE/CWE links\n- **All**: Generates both JSON and HTML formats\n\n\n## 🔧 Configuration\n\nNo configuration file needed. The scanner automatically detects project types and runs appropriate tools. Use command-line arguments to customize behavior.\n\n## 🤝 Development\n\n### Setup\n```bash\n# Clone the repository\ngit clone https://github.com/zaydons/DevScrub.git\ncd DevScrub\n\n# Install dependencies\npip install -r requirements.txt\n\n# Make scripts executable\nchmod +x scripts/*.sh\n```\n\n### Contributing\n1. Fork the repository\n2. Create a feature branch\n3. Make your changes\n4. Submit a pull request\n\n### Project Structure\n```\nDevScrub/\n├── src/                    # Source code\n│   ├── security_scanner.py # Main scanner logic\n│   ├── html_report.py      # HTML report generator\n│   └── scanners/           # Scanner modules\n│       ├── base_scanner.py      # Base scanner class\n│       ├── python_scanner.py    # Python security scanning\n│       ├── javascript_scanner.py # JavaScript/TypeScript scanning\n│       ├── docker_scanner.py    # Docker/container scanning\n│       ├── shell_scanner.py     # Shell script scanning\n│       ├── secrets_scanner.py   # Secret detection\n│       ├── sbom_scanner.py      # SBOM generation\n│       └── vulnerability_scanner.py # Vulnerability scanning\n├── scripts/               # Build and utility scripts\n│   ├── build.sh          # Docker image build\n│   ├── scan.sh           # Main scan script\n│   ├── install.sh        # Installation script\n│   └── entrypoint.sh     # Docker entrypoint\n├── .github/workflows/    # CI/CD pipelines\n│   └── docker-build-tag-push.yml # Docker build workflow\n├── security-reports/     # Generated security reports\n├── Dockerfile            # Docker container definition\n├── docker-compose.yml    # Docker Compose configuration\n├── requirements.txt      # Python dependencies\n├── VERSION              # Version file\n├── CHANGELOG.md         # Change log\n└── README.md            # This file\n```\n\n## 📄 License\n\nMIT License - see [LICENSE](LICENSE) for details.\n\n---\n\n**DevScrub** - Scrubbing your code for security issues since 2025 🔒","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzaydons%2Fdevscrub","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fzaydons%2Fdevscrub","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzaydons%2Fdevscrub/lists"}