Git Product home page Git Product logo

crie's Introduction

crie.

crie cli demo

Effectively format and lint code for a variety of languages

Docker Cloud Build Status

Features

This tool enables teams of developers to use static-analysis where they normally wouldn't:

  • Avoid remembering multiple run configurations
  • Avoid various install instructions

Quality of Life:

  • Git friendly - Only check changed files in the last few commits
  • Extendable for more languages
  • Fast and clean output
  • Batteries included but swappable - Swap any implementation with another linter
  • Identify files lacking any static-analysis

Install

Getting the tool

    go install github.com/tyhal/crie/cmd/crie@latest

The suggested way to start running crie is to run chk at the top of your project and add --continue to see every error in the project (this will not change any code)

    crie chk --continue

crie's People

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar

Forkers

largerock lgtm-migrator

crie's Issues

Dependabot can't parse your go.mod

Dependabot couldn't parse the go.mod found at /go.mod.

The error Dependabot encountered was:

go: gopkg.in/[email protected] requires
	gopkg.in/[email protected]: invalid version: git fetch -f origin refs/heads/*:refs/heads/* refs/tags/*:refs/tags/* in /opt/go/gopath/pkg/mod/cache/vcs/9241c28341fcedca6a799ab7a465dd6924dc5d94044cbfabb75778817250adfc: exit status 128:
	fatal: The remote end hung up unexpectedly

View the update logs.

CPP Projects

INFO type=stdout
ERRO type=stderr
DEBU pipe2: too many open files type=err
INFO type=stdout
ERRO type=stderr
DEBU pipe2: too many open files type=err

Duplicated error message

➜ crie cmt
Error: unknown command "cmt" for "crie"

Did you mean this?
chk
fmt

Run 'crie --help' for usage.
unknown command "cmt" for "crie"

Did you mean this?
chk
fmt

Cant download latest

➜ crie fmt
Unable to find image 'tyhal/crie:latest' locally
docker: Error response from daemon: manifest for tyhal/crie:latest not found.
See 'docker run --help'.

Project NONs

kubernetes/kubernetes

Original:

+------------+-------+
| EXTENSION  | COUNT |
+------------+-------+
| BUILD      |  3167 |
| OWNERS     |   477 |
| LICENSE    |   226 |
| .s         |   123 |
| .gitignore |   103 |
| .mod       |    79 |
| Makefile   |    65 |
| .sum       |    61 |
| .response  |    61 |
| .request   |    61 |
| VERSION    |    36 |
+------------+-------+

Latest:
7m 13s - crie all

+------------+-------+
| EXTENSION  | COUNT |
+------------+-------+
| BUILD      |  3203 |
| OWNERS     |   476 |
| LICENSE    |   227 |
| .s         |   123 |
| .gitignore |   103 |
| .mod       |    80 |
| Makefile   |    62 |
| .request   |    61 |
| .response  |    61 |
| .sum       |    61 |
| VERSION    |    32 |
+------------+-------+

CVE-2017-18342 (High) detected in PyYAML-3.13.tar.gz

CVE-2017-18342 - High Severity Vulnerability

Vulnerable Library - PyYAML-3.13.tar.gz

YAML parser and emitter for Python

Library home page: https://files.pythonhosted.org/packages/9e/a3/1d13970c3f36777c583f136c136f804d70f500168edc1edea6daa7200769/PyYAML-3.13.tar.gz

Path to dependency file: /crie/requirements.txt

Path to vulnerable library: teSource-ArchiveExtractor_2dd19b17-724d-4c99-9d1e-9a4b98d0e525/20190714111911_81288/20190714111853_depth_0/2/PyYAML-3.13.tar/PyYAML-3.13

Dependency Hierarchy:

  • PyYAML-3.13.tar.gz (Vulnerable Library)

Found in HEAD commit: 2f95a094e895c72ded51fdc62e0398ae3ad0d04c

Vulnerability Details

In PyYAML before 5.1, the yaml.load() API could execute arbitrary code if used with untrusted data. The load() function has been deprecated in version 5.1 and the 'UnsafeLoader' has been introduced for backward compatibility with the function.

Publish Date: 2018-06-27

URL: CVE-2017-18342

CVSS 3 Score Details (9.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2017-18342

Release Date: 2018-06-27

Fix Resolution: 4.1

Step up your Open Source Security Game with WhiteSource here

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.