crev - Scalable, social, Code REView system that we desperately need (WIP)


You're ultimately responsible for vetting your dependencies. crev is a real "code review" system, as opposed to the typical "code-change review" system.

https://github.com/dpc/crev

Related Projects

raptor - Web-based Source Code Vulnerability Scanner

  •    Javascript

Raptor is a web-based (web-service + UI), GitHub-centric source-vulnerability scanner, i.e. it scans a repository with just the GitHub repo URL. You can set up webhooks to ensure automated scans every time you commit or merge a pull request. The scan is done asynchronously and the results are available only to the user who initiated the scan. This tool is an attempt to help the community and start-up companies to emphasize secure coding. This tool may or may not match the features/quality of commercial alternatives; nothing is guaranteed and you have been warned. This tool is targeted to be used by security code-reviewers and/or developers with secure-coding experience to find vulnerability entry-points during code audits or peer reviews. Please DO NOT trust the tool's output blindly. This is best used if you plug Raptor into your CI/CD pipeline.

Review Board - Code Review Tool

  •    Python

Review Board is a powerful web-based code review tool that offers developers an easy way to handle code reviews. It scales well from small projects to large companies and offers a variety of tools to take much of the stress and time out of the code review process. Review Board supports reviewing code for Bazaar, CVS, Git, Mercurial, Perforce, and Subversion repositories.

code-review-tips - :microscope: Common problems to look for in a code review

  •    Javascript

Code reviews can inspire dread in both reviewer and reviewee. Having your code analyzed can feel as invasive as being screened by the TSA as you go off to your vacation. Even worse, reviewing other people's code can feel like a painful and ambiguous exercise, searching for problems and not even knowing where to begin. This project aims to provide some solid tips for how to review the code that you and your team write. All examples are written in JavaScript, but the advice should be applicable to any project of any language. This is by no means an exhaustive list, but hopefully this will help you catch as many bugs as possible long before users ever see your feature.

reviewboard - An extensible and friendly code review tool for projects and companies of all sizes.

  •    Python

Review Board is an open source, web-based code and document review tool built to help companies, open source projects, and other organizations keep their quality high and their bug count low. We began writing Review Board in 2006 to fill a hole in the code review market. We wanted something open source that could be flexible enough to work with a variety of workflows, and could take the pain out of the code review process.


ReviewPal - The Code Review Companion for .Net.

ReviewPal, the Code Review Companion for .Net. This is an Add-In / Extension for Visual Studio 2008 & Visual Studio 2010. The aim of the Add-In / Extension is to do a source code review within the Visual Studio IDE, where code makes more sense and is most readable.

Gerrit - Code Review tool for Git

  •    Java

Gerrit is a web based code review system, facilitating online code reviews for projects using the Git version control system. Gerrit makes reviews easier by showing changes in a side-by-side display, and allowing inline comments to be added by any reviewer.

reviewdog - :dog: Automated code review tool integrated with any code analysis tools regardless of programming language

  •    Go

"reviewdog" provides a way to post review comments to a code hosting service, such as GitHub, automatically by integrating with any linter tool with ease. It uses the output of lint tools and posts the findings as comments if they are in the diff of the patches under review. reviewdog also supports running in the local environment to filter the output of lint tools by diff.

NodeJsScan - NodeJsScan is a static security code scanner for Node.js applications.

  •    Python

Static security code scanner (SAST) for Node.js applications. The command line interface (CLI) allows you to integrate NodeJsScan with DevSecOps CI/CD pipelines. The results are in JSON format. When you use the CLI, the results are never stored with the NodeJsScan backend.

Code Review Add-In

The Code Review Add-In helps the process of reviewing code and publishing the results as work items to the Team System Server for team members to review them.

Reconnoitre - A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing

  •    Python

A reconnaissance tool made for the OSCP labs to automate information gathering and service enumeration whilst creating a directory structure to store results, findings and exploits used for each host, recommended commands to execute and directory structures for storing loot and flags. This tool is based heavily upon the work made public in Mike Czumak's (T_v3rn1x) OSCP review (link) along with considerable influence and code taken from Re4son's mix-recon (link). Virtual host scanning is originally adapted from teknogeek's work which is heavily influenced by jobertabma's virtual host discovery script (link). Further Virtual Host scanning code has been adapted from a project by Tim Kent and I, available here (link).

TeamReview - TFS Code Review

The most complete solution for Team System Code Reviews: a specific work item type and a Visual Studio add-in for a completely in-IDE code review experience. TeamReview exploits the advantages of Team System and VSX to reduce waste and surface new business value from code reviews.

dawnscanner - Dawn is a static analysis security scanner for ruby written web applications

  •    Ruby

dawnscanner is a source code scanner designed to review your Ruby code for security issues. dawnscanner version 1.6.6 has 235 security checks loaded in its knowledge base. Most of them are CVE bulletins applying to gems or the Ruby interpreter itself. There are also some checks coming from the OWASP Ruby on Rails cheatsheet.

appr - Open React Native PR Builds instantly on device

  •    Javascript

appr builds and deploys pull requests in your create-react-native-app (and other Expo-based) projects, and replies with a link you can open directly on your device or emulator. Mature technical organizations peer-review their code. Reviewing code on GitHub is simple enough: for most well-crafted pull requests, you can review the code diff in your browser, and either approve the changes, or request further improvements.

danger - 🚫 Stop saying "you forgot to …" in code review

  •    Ruby

Formalize your Pull Request etiquette. Danger runs after your CI, automating your team's conventions surrounding code review.

danger-js - ⚠️ Stop saying "you forgot to …" in code review

  •    TypeScript

Formalize your Pull Request etiquette. Danger runs after your CI, automating your team's conventions surrounding code review.

octotree - GitHub on steroids

  •    Javascript

Browser extension that enhances GitHub code review and exploration. You can download Octotree for your browser from our website. Octotree supports Chrome, Firefox, Edge, Safari, Brave, and Opera. Please check out the troubleshooting guide to see if it solves the problem. If it doesn't, please either create a forum ticket or send an email to support@octotree.io.

BlackSquare

Spec review system based on code review principles. This project is a derivative of Malevich, a popular code review tool.

QuickReview

QuickReview allows developers to generate an email including details of the shelveset they want to send for code review.

Milk - secure and smooth

  •    Java

Milk is a security source code assessment tool using Orizon as its API. Milk scans Java and .NET source files in order to perform a security code review, trying to point out misuse of safe coding best practices.
