2026-03-25 - 2026-04-25

Overview

8 Active Pull Requests
23 Active Issues
Excluding merges, 2 authors have pushed 13 commits to main and 34 commits to all branches. On main, 68 files have changed and there have been 3955 additions and 405 deletions.

1 Release published by 1 user

Published v0.2.0 — AI-Native Security & Compliance Platform 2026-03-30 13:18:47 +00:00

8 Pull requests merged by 1 user

23 Issues created by 1 user

Opened #54 [medium] semgrep: Service 'mailserver' is running with a writable root filesystem. This may allow malicious applications to download and run additional payloads, or modify container files. If an application inside a container has to save something temp… 2026-03-30 11:21:43 +00:00

Opened #56 Webhook auth bypass when webhook_secret is None 2026-03-30 13:28:02 +00:00

Opened #58 JWKS cache never expires — key rotation requires restart 2026-03-30 13:28:52 +00:00

Opened #57 JWT audience validation disabled — cross-app token reuse 2026-03-30 13:28:52 +00:00

Opened #59 No request body size limit on API and webhook servers 2026-03-30 13:28:53 +00:00

Opened #60 Health endpoint does not verify database connectivity 2026-03-30 13:28:53 +00:00

Opened #63 Graph endpoints load full node/edge collections without pagination 2026-03-30 13:29:55 +00:00

Opened #61 Scheduled scans run sequentially — one slow repo blocks all others 2026-03-30 13:29:55 +00:00

Opened #62 CVE monitor loads entire SBOM collection into memory 2026-03-30 13:29:55 +00:00

Opened #65 No graceful shutdown — in-progress scans left in running state 2026-03-30 13:29:56 +00:00

Opened #64 sort_by query parameter is a NoSQL injection vector 2026-03-30 13:29:56 +00:00

Opened #66 get_attack_chain has no pagination — long sessions return unbounded data 2026-03-30 13:29:56 +00:00

Opened #67 license_summary and SBOM export fetch entire dataset without limits 2026-03-30 13:29:57 +00:00

Opened #68 Webhook server port is hardcoded to 3002 2026-03-30 13:29:57 +00:00

Opened #69 Email notification channel for CVE alerts 2026-03-30 13:31:51 +00:00

Opened #70 Webhook delivery tracking and retry 2026-03-30 13:31:52 +00:00

Opened #71 Audit logging for security-sensitive operations 2026-03-30 13:31:52 +00:00

Opened #74 CI/CD pipeline gates — block deploys on critical findings 2026-03-30 13:31:53 +00:00

Opened #72 SOC2 and ISO 27001 compliance control mappings 2026-03-30 13:31:53 +00:00

Opened #73 Policy-as-Code: custom compliance rules via YAML 2026-03-30 13:31:53 +00:00

Opened #75 Executive compliance posture reports 2026-03-30 13:31:54 +00:00

Opened #76 File splitting refactor — no file over 250 lines 2026-03-30 13:31:54 +00:00

Opened #77 Migrate secrets management to Infisical, remove Coolify env vars 2026-03-30 14:11:38 +00:00

1 Unresolved Conversation

Open #23 feat: add user login and data processing endpoint 2026-03-25 19:30:06 +00:00