- Video link - click here
- Presentation link - click here

The backend requires 3 environment variables:
- MONGODB_URL
- GITHUB ACCESS TOKEN
- PORT
These variables have to be put in a .env file in the root of the folder. After that, run:

```bash
# backend (from the root of the folder)
npm install
npm run start

# frontend
cd frontend
npm install
npm run start
```
The project uses CodeQL, a security analytics engine that converts the code to a database and can run various queries over it to detect vulnerabilities. The code is forked using a script into another user's repository list, and a workflow file is created. This workflow file contains a curated list of CodeQL queries to detect code vulnerabilities and data theft issues. This list is constantly updated by GitHub's security engineers, so no manual effort is required to keep up to date with the latest code vulnerabilities.
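The fork-and-add-workflow step described above, sketched as an added example (not this project's own script). It assumes Node 18+, a JavaScript target repository, a token read from wherever the backend keeps it, and placeholder owner/repo names; `security-extended` is one of GitHub's maintained query suites, chosen here for illustration.

```javascript
// Added example: builds the two GitHub REST API calls for "fork, then commit
// a CodeQL workflow". Owner, repo and token values are supplied by the caller.
const API = "https://api.github.com";
const seg = encodeURIComponent; // keeps owner/repo input from altering the URL path

// Workflow that runs GitHub's maintained query suite (target language is assumed).
const CODEQL_WORKFLOW = `name: CodeQL
on: [push, workflow_dispatch]
permissions:
  contents: read
  security-events: write   # required to upload results to code scanning
jobs:
  analyze:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: github/codeql-action/init@v3
        with:
          languages: javascript
          queries: security-extended
      - uses: github/codeql-action/analyze@v3
`;

function headers(token) {
  return { Accept: "application/vnd.github+json", Authorization: `Bearer ${token}`, "Content-Type": "application/json" };
}

// POST /repos/{owner}/{repo}/forks creates the fork under the token's account.
function forkRequest(owner, repo, token) {
  return { method: "POST", url: `${API}/repos/${seg(owner)}/${seg(repo)}/forks`, headers: headers(token) };
}

// PUT /repos/{owner}/{repo}/contents/{path} commits the workflow (base64 content).
function workflowRequest(forkOwner, repo, token) {
  const body = JSON.stringify({
    message: "Add CodeQL analysis workflow",
    content: Buffer.from(CODEQL_WORKFLOW, "utf8").toString("base64"),
  });
  const url = `${API}/repos/${seg(forkOwner)}/${seg(repo)}/contents/.github/workflows/codeql.yml`;
  return { method: "PUT", url, headers: headers(token), body };
}

// Sends one prepared request; needs network access and a real token.
async function send(req) {
  const res = await fetch(req.url, req);
  if (!res.ok) throw new Error(`${req.method} ${req.url} -> ${res.status}`);
  return res.json();
}
```

A classic personal access token needs the `workflow` scope to commit files under `.github/workflows`, so give the token only the scopes this step requires.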
Novelty of our project:
- Use of CodeQL, a security analysis engine.
- Use of GitHub Actions and an automated CI/CD pipeline with queries that are curated by GitHub's security engineers and updated from time to time.
- We can add other workflows in the future to run other scripts that detect other vulnerabilities.