git-vuln-finder v1.1 released (Library version added) - Finding vulnerabilities in source code repositories by analysing git commit messages
Finding potential software vulnerabilities from git commit messages.
The output is JSON listing each commit that could contain a fix for a
software vulnerability. The search runs a set of regular expressions against
the commit messages only. If CVE IDs are present, they are added to the
output automatically.
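The approach described above, sketched as an added example (not git-vuln-finder's own code or API): the patterns, the output field names and the sample commits are assumptions constructed for illustration. It also shows the limit of a message-only search, since a fix committed under a neutral message is not flagged.

```python
import json
import re

# Illustrative patterns (assumption): not the project's real pattern set.
VULN_PATTERN = re.compile(
    r"\b(buffer overflow|use[- ]after[- ]free|double free|out[- ]of[- ]bounds|"
    r"integer overflow|null pointer dereference|xss|sql injection|csrf|"
    r"directory traversal|vulnerab\w+|security fix)\b",
    re.IGNORECASE,
)
CVE_PATTERN = re.compile(r"\bCVE-\d{4}-\d{4,}\b", re.IGNORECASE)

# Constructed sample data: (commit id, commit message). The CVE IDs are fake.
SAMPLE_COMMITS = [
    ("a1b2c3d", "parser: fix heap buffer overflow in header decode (CVE-2099-0001)"),
    ("d4e5f6a", "docs: update README badges"),
    ("0f9e8d7", "Fix use-after-free when connection is closed twice, cve-2099-0002"),
    # A fix with a neutral message: invisible to a message-only search.
    ("7c6b5a4", "refactor: tighten length check in decode()"),
]


def find_candidates(commits):
    """Return {commit_id: details} for messages matching a vulnerability pattern."""
    results = {}
    for commit_id, message in commits:
        matched = sorted({m.lower() for m in VULN_PATTERN.findall(message)})
        if not matched:
            continue  # only the message is inspected, never the diff
        entry = {"message": message, "matched": matched}
        # Attach CVE IDs when the message carries any, normalised to upper case.
        cves = sorted({c.upper() for c in CVE_PATTERN.findall(message)})
        if cves:
            entry["cve"] = cves
        results[commit_id] = entry
    return results


if __name__ == "__main__":
    print(json.dumps(find_candidates(SAMPLE_COMMITS), indent=2))
```

Every hit is a candidate for manual review of the actual diff, not a confirmed vulnerability fix.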
Version 1.1
- Thanks to @cedricbonhomme, git-vuln-finder can also be used as a Python library in addition to the command line interface.
For more information, check the website.
Contributing
We welcome contributions to the software, especially additional vulnerability patterns. All contributors will be added to the AUTHORS file and collectively own this open source software. The contributors acknowledge the Developer Certificate of Origin.