https://github.com/devlopersabbir/dose-scan
This tool scans a repository to detect issues and inform our developers, so they can fix them and safely push code to the remote repository.
- Host: GitHub
- URL: https://github.com/devlopersabbir/dose-scan
- Owner: devlopersabbir
- Created: 2026-04-30T09:51:03.000Z (about 2 months ago)
- Default Branch: main
- Last Pushed: 2026-05-14T08:15:27.000Z (about 1 month ago)
- Last Synced: 2026-05-14T08:39:29.604Z (about 1 month ago)
- Language: Shell
- Size: 141 KB
- Stars: 1
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# 🛡️ DOSE (Dangerous Operations Security Enforcer)
## 🎯 Project Goal
DOSE is a **lightweight, bash-based security scanning tool** designed to run automatically during development (pre-commit) and optionally as a full-codebase audit tool.
Its main goal is to **detect dangerous, insecure, or suspicious code patterns early** before they reach production.
---
## ⚙️ Core Objectives
### 1. Pre-Commit Security Enforcement
- Scan only **staged Git files**
- Block commits if critical security issues are found
- Warn developers about risky patterns without blocking
---
### 2. Full Codebase Security Audit
- Scan the entire working directory recursively
- Exclude irrelevant directories (node_modules, dist, etc.)
- Provide a complete security overview of the project
---
### 3. Pattern-Based Detection System
- Detect:
  - 🔴 Dangerous code execution (eval, system calls)
  - 🔴 Hardcoded secrets (API keys, tokens, passwords)
  - 🔴 Data exfiltration patterns (curl/wget to external endpoints)
  - 🟡 Unsafe practices (debug logs, insecure HTTP, TODO secrets)
- Fully configurable regex-based rules
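
The pre-commit flow and regex rule format described above, sketched as an added example (this is not DOSE's own code). The rule labels, the regexes, and the `scan_file` / `scan_staged` function names are assumptions made for illustration; staged content is read from the Git index, BLOCK findings return non-zero, and WARN findings are reported without blocking.

```bash
#!/usr/bin/env bash
# Added example, not DOSE's source. Rule labels and regexes are constructed.

# scan_file FILE [DISPLAY_NAME]
# Prints one line per finding; returns 1 if any BLOCK rule matched, else 0.
scan_file() {
  file=$1; name=${2:-$1}; blocked=0
  while IFS= read -r rule; do
    # Split "SEVERITY|label|regex" on the first two '|' only, so the
    # regex itself may still contain alternation.
    sev=${rule%%|*}; rest=${rule#*|}
    label=${rest%%|*}; regex=${rest#*|}
    # -n adds line numbers, -E selects extended regex, -i ignores case.
    hits=$(grep -nEi -e "$regex" -- "$file") || continue
    if [ "$sev" = BLOCK ]; then blocked=1; fi
    printf '%s\n' "$hits" | while IFS= read -r hit; do
      printf '[%s] %s:%s  (%s)\n' "$sev" "$name" "$hit" "$label"
    done
  done <<'EOF'
BLOCK|code-exec|(^|[^[:alnum:]_])eval[[:space:]]*\(
BLOCK|hardcoded-secret|(api[_-]?key|token|password)[[:space:]]*[:=][[:space:]]*["'][^"']{8,}
BLOCK|exfiltration|(curl|wget)[[:space:]].*https?://
WARN|insecure-http|http://
WARN|debug-log|console\.log[[:space:]]*\(
EOF
  return "$blocked"
}

# scan_staged: scan what is in the Git index, not the working tree, so an
# unstaged edit cannot hide content that is about to be committed.
scan_staged() {
  list=$(mktemp) || return 2
  blob=$(mktemp) || return 2
  git diff --cached --name-only --diff-filter=ACM >"$list"
  rc=0
  while IFS= read -r path; do
    git show ":$path" >"$blob" 2>/dev/null || continue
    scan_file "$blob" "$path" || rc=1
  done <"$list"
  rm -f "$list" "$blob"
  return "$rc"
}

# Run only when installed as .git/hooks/pre-commit; a non-zero exit aborts
# the commit, while WARN-only results let it through.
case "$0" in
  */pre-commit) scan_staged || { echo "commit blocked" >&2; exit 1; } ;;
esac
```

Saved as `.git/hooks/pre-commit` and made executable, the script scans on every commit; sourced from another script, only the two functions are defined.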
---
### 4. High-Performance Parallel Scanning
- Scan multiple files concurrently
- CPU-aware worker limits
- Optimized for large codebases
---
### 5. Developer-Friendly Output
- Color-coded CLI output (BLOCK / WARN / SAFE)
- File-level issue reporting
- Clear line-level context for debugging
---
### 6. Modular & Extensible Architecture
- Separation of:
  - scanning engine
  - pattern definitions
  - git integration
  - dependency checks
- Easy to extend with new rules or modules
---
## Key Design Principles
- **DRY (Don't Repeat Yourself)**: reusable scan engine
- **Fail Fast**: block unsafe commits immediately
- **Zero Noise Policy**: only meaningful warnings
- **Performance First**: parallel execution by default
## Documentation
For detailed installation guides, usage examples, and pattern references, visit our [Documentation Site](https://devlopersabbir.github.io/dose-scan).
---
## Quick Install
To install or update DOSE scanner globally on your machine, run:
```bash
curl -sSL https://scan.softvenceomegaforce.cloud/install.sh | bash
```
On Windows PowerShell, run:
```powershell
irm https://scan.softvenceomegaforce.cloud | iex
```
This will:
1. Download the latest stable scanner release from the DOSE update server
2. Make the binary executable
3. Create `/usr/local/bin/dose-scan` on macOS/Linux or a Windows command shim
---
## 🗑️ Uninstallation
To completely remove DOSE scanner from your system, run:
```bash
curl -sSL https://scan.softvenceomegaforce.cloud/uninstall.sh | bash
```
On Windows PowerShell, run:
```powershell
irm https://scan.softvenceomegaforce.cloud/uninstall.ps1 | iex
```
This will:
1. Remove the global symlink from `/usr/local/bin/dose-scan`
2. Delete the installation directory at `~/.dose-scan`
---
## 🧩 Future Vision
- GitHub Actions integration (CI/CD security gate)
- SARIF output (GitHub Security tab support)
- Auto-fix suggestions for safe transformations
- Plugin system for custom rules
- Enterprise security policy engine