https://github.com/oxsecurity/codetotal

Analyze any snippet, file, or repository to detect possible security flaws such as secret in code, open source vulnerability, code security, vulnerability, insecure infrastructure as code, and potential legal issues with open source licenses.
https://github.com/oxsecurity/codetotal

code-quality-analyzer iac megalinter sast sbom sbom-generator secrets-detection security supply-chain supply-chain-security vulnerability-scanners

Last synced: 2 months ago
JSON representation

Analyze any snippet, file, or repository to detect possible security flaws such as secret in code, open source vulnerability, code security, vulnerability, insecure infrastructure as code, and potential legal issues with open source licenses.

• Host: GitHub
• URL: https://github.com/oxsecurity/codetotal
• Owner: oxsecurity
• License: agpl-3.0
• Created: 2023-06-25T15:26:51.000Z (almost 2 years ago)
• Default Branch: main
• Last Pushed: 2024-08-14T10:46:17.000Z (8 months ago)
• Last Synced: 2025-02-07T20:01:36.422Z (2 months ago)
• Topics: code-quality-analyzer, iac, megalinter, sast, sbom, sbom-generator, secrets-detection, security, supply-chain, supply-chain-security, vulnerability-scanners
• Language: TypeScript
• Homepage: https://codetotal.io
• Size: 43.2 MB
• Stars: 76
• Watchers: 5
• Forks: 10
• Open Issues: 6
• Metadata Files:
  • Readme: README.md
  • Changelog: CHANGELOG.md
  • Contributing: CONTRIBUTING.md
  • License: LICENSE
  • Security: docs/security-linters.md

Awesome Lists containing this project

README

        


  

    

  



# CodeTotal

[![GitHub release](https://img.shields.io/github/v/release/oxsecurity/codetotal?sort=semver)](https://github.com/oxsecurity/codetotal/releases)

[![GitHub stars](https://img.shields.io/github/stars/oxsecurity/codetotal?cacheSeconds=3600)](https://github.com/oxsecurity/codetotal/stargazers/)

[![MegaLinter](https://github.com/oxsecurity/codetotal/workflows/MegaLinter/badge.svg?branch=main)](https://github.com/oxsecurity/codetotal/actions?query=workflow%3AMegaLinter+branch%3Amain)

[![GitHub contributors](https://img.shields.io/github/contributors/oxsecurity/codetotal.svg)](https://github.com/oxsecurity/codetotal/graphs/contributors/)

[![PRs Welcome](https://img.shields.io/badge/PRs-welcome-brightgreen.svg?style=flat-square)](http://makeapullrequest.com)

**CodeTotal** analyzes any **snippet**, **file**, or **repository** to detect possible **security flaws** such as **secret in code**, **open source vulnerability**, **code security**, **vulnerability**, insecure **infrastructure as code**, and potential **legal issues** with open source licenses.

To see how to use CodeTotal, please read [**online documentation**](https://codetotal.io) :)

___

## Scan repository

Scan an entire repository

![CodeTotal Screenshot](docs/assets/images/run-repo.gif "Run repo recording")

___

## Scan snippets

Copy-paste a snippet in any language.

![CodeTotal Screenshot](docs/assets/images/run-snippet.gif "Run snippet recording")

___

## Scan file(s)

Select a file to scan, it can be:

- any source code file

- a zip containing a folder that will be extracted before scan.

![CodeTotal Screenshot](docs/assets/images/run-file.gif "Run file recording")

___

## Quick start

TLDR; Just run `npx mega-linter-runner@latest --codetotal`

![CodeTotal Screenshot](docs/assets/images/quick-start.gif "QuickStart recording")

___

_Brought to you by [OX Security](https://ox.security), powered by [MegaLinter](https://megalinter.io)_