GitHub - Prevent merging of malicious code in pull requests and CI/CD
A GitHub app that detects malicious code in pull requests and prevents it from getting merged. Alongside it, a Semgrep ruleset was also released for detection at any stage of CI/CD.
Maker
Hey everyone interested in security stuff!
I started it after seeing all the hype around malicious code - lots of noise, but little effort to solve it. Having said that, malicious code is indeed a huge risk, easily accessible for anyone to use.
This project is an attempt to apply research conclusions to effectively mitigate most of the problem.
Feedback is appreciated :)
More info:
- The ruleset: https://github.com/apiiro/malici...
- The research: https://apiiro.com/blog/guard-yo...