Rafael dos Santos
Rafael dos Santos
Hello, everyone. Cool project! What do you think of adding a security path to the roadmap? I good start would be mentioning [gosec](https://github.com/securego/gosec). 🙃
## Motivation [Copy-and-Paste](https://github.com/globocom/secDevLabs/tree/master/owasp-top10-2017-apps/a1/copy-n-paste)'s attack narrative makes use only of SQLMap to show how an automated SQL injection could be performed. ## It would be great if We could also have...
## Motivation SecDevLab's goal is to provide examples of how security vulnerabilities could be fixed, but we only have one example of `Cross-Site Scripting` from [OWASP's 2017 Top 10](https://owasp.org/www-project-top-ten/OWASP_Top_Ten_2017/Top_10-2017_A7-Cross-Site_Scripting_(XSS)). ##...
## Motivation huskyCI runs all its securityTests using a Docker API component. It works fine but some companies may eventually face some problems when scaling to multiple VMs running this...
## Motivation Users nowadays can add the tag `#nohusky` in their code to avoid false positives in Python and in Go projects. However, this feature is not present yet for...
## Motivation We received [this feedback](https://github.com/globocom/huskyCI/issues/407) from huskyCI users (thanks, @igorfernandes 😃) that suggests that the analysis could have a timeout configurable. Some repositories are "very large" take too long...
## Motivation Facebook has developed [this cool Open Source tool](https://fbinfer.com/) to detect bugs in Java and C/C++/Objective-C code and it will be a great addition to huskyCI analysis. ## It...
It would be nice if an user could revoke access from a file he/she has gcrypted.