securesecodao / searchseco-miner Goto Github PK
View Code? Open in Web Editor NEWMiner implementation for SearchSECO
Home Page: https://docs.secureseco.org/searchseco-integration
License: MIT License
Miner implementation for SearchSECO
Home Page: https://docs.secureseco.org/searchseco-integration
License: MIT License
sample repo: https://github.com/pragmaticly/teahour.fm
One of the industry partners told us it is really hard for them to determine which version of a project a piece of source code (in particular C++ projects) belongs to. This, for instance, is needed when a company has included a set of C++ libraries, but they don't know which versions they have.
We want to be able to generate a Software Bill of Materials (SBOM) based on a large folder filled with code. As the code should not be sent to the DB, we must make sure it's only a check command.
The method could be as follows:
The input in this case will most probably be a directory and not a git repo.
Please do so, Krishna ;-)
If it runs, we can decide to apply for free AWS and MS credit
https://tree-sitter.github.io/tree-sitter/
What should be done? How should we approach it? What will it bring? What will we lose?
As it used to be in the C++ version.
Main reason: so we can upload the Linux project and see whether we can break the new js version and fix those problems too.
Currently, the default is "client", but I'd like to give it another name?
Parallelize parsers
And share them with Slinger so that we can take action if we actually find a big one in a latest version of a project. Because that would be huge!
So that when something weird happens (McAffee fires sometimes) you can immediately address it by looking up the time in the logs.
So that we need some kind of authentication to go into the DB and so that we don't have to use tcp/ip anymore.
Also, to need less code.
Eventually, make sure we also close the tcp/ip way of communicating with the DB, so we don't leave a huge backdoor.
Throughout project.
In this way we can see whether a miner needs a kick and we're not wasting money through Heroku or AWS or other.
I was happily running a miner without srcML, not realizing that I was missing a lot of projects because of it. Please do not proceed if srcML is not installed, as long as we need it? Should be easy, hopefully.
Organizations will want to know if their code has "leaked". We can warn them if their code appears in great numbers on Github.
Currently, we're not storing the date of a method's last change. We want to have better dating for each method.
Think of a way and usage scenario of how miners can check each other's hashes and subsequently ensure correctness of their hashes.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.