DevSecInspect.nvim
Helping Developers build secure code in Neovim
DevSecInspect is a Neovim plugin focusing on putting security results in the hands of Developers.
✨ Features
- Automatically analyze code or dependencies
- Fully Customizable
⚡️ Requirements
- Neovim >= 0.9.0
📦 Installing
Lazy:
```lua
return {
    {
        "GeekMasher/DevSecInspect.nvim",
        dependencies = {
            "MunifTanjim/nui.nvim",
        },
        config = function()
            require("devsecinspect").setup({
                -- Options
            })
        end
    }
}
```
Tools
- Bandit (sast)
- Cargo Audit (sca)
- GitHub Advanced Security (service)
- NPM Audit (sca)
- Quibble (sast)
- Semgrep (sast)
Configuration
DevSecInspect is highly customizable, allowing you to configure the plugin to do what you need.
```lua
require("devsecinspect").setup({
    -- Automatically add Nvim auto commands
    autocmd = true,
    -- List of tools to enable / use
    tools = {},
    -- Enable default tools
    default_tools = true,
    -- Custom tools
    custom_tools = {},
    -- Alerts Display and Panel settings
    alerts = {
        -- Mode to display alerts
        mode = "summarised", -- "summarised" or "full"
        auto_open = false, -- automatically open the panel
        auto_close = false, -- automatically close the panel
        auto_preview = true, -- automatically preview alerts in the main buffer
        text_position = "eol", -- "eol" / "overlay" / "right_align" / "inline"
        panel = {
            enabled = false, -- always show the panel
            -- Panel position and size
            position = {
                row = "0%",
                col = "100%"
            },
            size = {
                width = "30%",
                height = "97%",
            },
        },
        -- Alert filters on when to display alerts
        filters = {
            -- Filter out alerts with severity below this level
            severity = "medium",
            -- Filter out alerts with confidence below this level
            confidence = nil
        }
    },
    symbols = {
        -- Icons
        info = " ",
        debug = " ",
        error = " ",
        warning = " ",
        hint = " ",
        -- Statuses
        enabled = "",
        disabled = "",
        running = " "
    },
})
```
All the configurations can be found here.
Support
Please create issues for any feature requests, bugs, or documentation problems.
Acknowledgement
- @GeekMasher - Author and Maintainer
Licence
This project is licensed under the terms of the MIT open source license. Please refer to MIT for the full terms.