by sabahattink
82 days ago
Interesting approach. I've been working on something similar but framework-aware — for NestJS projects specifically, scanning decorators via AST to catch missing auth guards, untyped DTOs, and missing Swagger docs. The hardcoded secret detection is a must-have, agreed. What's your false positive rate on the secret scanning? I found regex-based patterns flag test fixtures pretty aggressively.