This repository was archived by the owner on Aug 16, 2025. It is now read-only.

adding osv-scanner #498

Closed
alexcoderabbitai wants to merge 2 commits into main from feat/osv-scanner
8 changes: 8 additions & 0 deletions docs/changelog.md
Expand Up@@ -5,6 +5,14 @@ description: The latest updates and changes to CodeRabbit.
sidebar_position: 13
---

## August 14, 2025

### OSV-Scanner Integration

We've added support for [OSV-Scanner](https://github.com/google/osv-scanner), Google's vulnerability scanner that identifies security vulnerabilities in your project's dependencies and installed packages using the [OSV.dev](https://osv.dev) database.

OSV-Scanner requires an `osv-scanner.toml` configuration file to run. See our [OSV-Scanner documentation](/tools/osv-scanner) for more details.

## August 4, 2025

### Model Context Protocol (MCP) Server Integration - Early Access
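
Review bot: The sentence "OSV-Scanner requires an `osv-scanner.toml` configuration file to run" in the new changelog entry reads as a requirement of the scanner itself, while the note added in docs/tools/osv-scanner.md states the behaviour that matters to users: CodeRabbit only runs the scanner when the repository contains that file. Suggest wording it as the gating condition, for example "CodeRabbit runs OSV-Scanner only in repositories that contain an `osv-scanner.toml` file", so readers do not assume dependency scanning is active by default. The entry also says "dependencies and installed packages" where the tool page says only "dependencies"; the two descriptions should match.
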
85 changes: 43 additions & 42 deletions docs/tools/list.md
Expand Up@@ -9,48 +9,48 @@ For more information about fine-tuning the CodeRabbit configuration of a tool, c

For an overview of how CodeRabbit uses these tools when generating code reviews, as well as general information about controlling their use, see [Configure third-party tools](/tools/).

| Technology | Tools | Category |
| :-------------------------- | :--------------------------------------------------------- | :-------------------------------------------------- |
| All | [Gitleaks][Gitleaks], [Pipeline Remediation][Pipeline] | Code Security, CI/CD |
| Azure DevOps Pipelines | [Pipeline Remediation][Pipeline] | CI/CD Failure Remediation |
| CircleCI | [CircleCI][CircleCI], [Pipeline Remediation][Pipeline] | Configuration Validation, CI/CD Failure Remediation |
| CloudFormation | [Checkov][Checkov] | Code Security |
| Cppcheck | [Cppcheck][Cppcheck] | Code Quality |
| CSS | [Biome][Biome] | Code Quality |
| Docker | [Hadolint][Hadolint], [Checkov][Checkov] | Code Quality, Code Security |
| Environment Files (.env) | [Dotenv Linter][DotenvLinter] | Code Quality |
| GitHub Actions | [actionlint][actionlint], [Pipeline Remediation][Pipeline] | Code Quality, CI/CD Failure Remediation |
| GitLab Pipelines | [Pipeline Remediation][Pipeline] | CI/CD Failure Remediation |
| Go | [golangci-lint][golangci-lint] | Code Quality |
| Helm | [Checkov][Checkov] | Code Security |
| HTML | [HTMLHint][HTMLHint] | Code Quality |
| Javascript | [Biome][Biome], [oxlint][oxlint] | Code Quality |
| JSON, JSONC | [Biome][Biome] | Code Quality |
| JSX | [Biome][Biome], [oxlint][oxlint] | Code Quality |
| Kotlin | [detekt][detekt] | Code Quality |
| Kubernetes | [Checkov][Checkov] | Code Security |
| Lua | [Luacheck][Luacheck] | Code Quality |
| Makefile | [Checkmake][Checkmake] | Code Quality |
| Markdown | [markdownlint][markdownlint], [LanguageTool][LanguageTool] | Code Quality, Grammar Checking |
| PHP | [PHPStan][PHPStan], [PHPMD][PHPMD], [PHPCS][PHPCS] | Code Quality |
| Plaintext | [LanguageTool][LanguageTool] | Grammar and Spell Checking |
| Java | [PMD][PMD] | Code Quality |
| Protobuf | [Buf][Buf] | Code Quality |
| Python | [Ruff][Ruff], [Pylint][Pylint], [Flake8][Flake8] | Code Quality |
| Jupyter Notebooks | [Ruff][Ruff], [Pylint][Pylint], [Flake8][Flake8] | Code Quality |
| Regal | [Regal][Regal] | Code Quality |
| Ruby | [RuboCop][RuboCop], [Brakeman][Brakeman] | Code Quality, Code Security |
| Rust | [Clippy][Clippy] | Code Quality |
| Semgrep | [Semgrep][Semgrep] | Code Security |
| Shell (sh, bash, ksh, dash) | [ShellCheck][ShellCheck] | Code Quality |
| Shopify | [Shopify CLI][ShopifyCLI] | Code Quality |
| SQL | [SQLFluff][SQLFluff] | Code Quality |
| Swift | [SwiftLint][SwiftLint] | Code Quality |
| Terraform | [Checkov][Checkov] | Code Security |
| TSX | [Biome][Biome], [oxlint][oxlint] | Code Quality |
| Typescript | [Biome][Biome], [oxlint][oxlint] | Code Quality |
| YAML | [YAMLlint][YAMLlint] | Code Quality |
| Prisma | [Prisma Lint][PrismaLint] | Code Quality |
| Technology | Tools| Category |
| :-------------------------- | :-------------------------------------------------------------------------------- | :-------------------------------------------------- |
| All | [Gitleaks][Gitleaks], [OSV-Scanner][OSVScanner], [Pipeline Remediation][Pipeline] | Code Security, CI/CD |
| Azure DevOps Pipelines | [Pipeline Remediation][Pipeline]| CI/CD Failure Remediation |
| CircleCI | [CircleCI][CircleCI], [Pipeline Remediation][Pipeline]| Configuration Validation, CI/CD Failure Remediation |
| CloudFormation | [Checkov][Checkov]| Code Security |
| Cppcheck | [Cppcheck][Cppcheck]| Code Quality |
| CSS | [Biome][Biome]| Code Quality |
| Docker | [Hadolint][Hadolint], [Checkov][Checkov]| Code Quality, Code Security |
| Environment Files (.env) | [Dotenv Linter][DotenvLinter]| Code Quality |
| GitHub Actions | [actionlint][actionlint], [Pipeline Remediation][Pipeline]| Code Quality, CI/CD Failure Remediation |
| GitLab Pipelines | [Pipeline Remediation][Pipeline]| CI/CD Failure Remediation |
| Go | [golangci-lint][golangci-lint]| Code Quality |
| Helm | [Checkov][Checkov]| Code Security |
| HTML | [HTMLHint][HTMLHint]| Code Quality |
| Javascript | [Biome][Biome], [oxlint][oxlint]| Code Quality |
| JSON, JSONC | [Biome][Biome]| Code Quality |
| JSX | [Biome][Biome], [oxlint][oxlint]| Code Quality |
| Kotlin | [detekt][detekt]| Code Quality |
| Kubernetes | [Checkov][Checkov]| Code Security |
| Lua | [Luacheck][Luacheck]| Code Quality |
| Makefile | [Checkmake][Checkmake]| Code Quality |
| Markdown | [markdownlint][markdownlint], [LanguageTool][LanguageTool]| Code Quality, Grammar Checking |
| PHP | [PHPStan][PHPStan], [PHPMD][PHPMD], [PHPCS][PHPCS]| Code Quality |
| Plaintext | [LanguageTool][LanguageTool]| Grammar and Spell Checking |
| Java | [PMD][PMD]| Code Quality |
| Protobuf | [Buf][Buf]| Code Quality |
| Python | [Ruff][Ruff], [Pylint][Pylint], [Flake8][Flake8]| Code Quality |
| Jupyter Notebooks | [Ruff][Ruff], [Pylint][Pylint], [Flake8][Flake8]| Code Quality |
| Regal | [Regal][Regal]| Code Quality |
| Ruby | [RuboCop][RuboCop], [Brakeman][Brakeman]| Code Quality, Code Security |
| Rust | [Clippy][Clippy]| Code Quality |
| Semgrep | [Semgrep][Semgrep]| Code Security |
| Shell (sh, bash, ksh, dash) | [ShellCheck][ShellCheck]| Code Quality |
| Shopify | [Shopify CLI][ShopifyCLI]| Code Quality |
| SQL | [SQLFluff][SQLFluff]| Code Quality |
| Swift | [SwiftLint][SwiftLint]| Code Quality |
| Terraform | [Checkov][Checkov]| Code Security |
| TSX | [Biome][Biome], [oxlint][oxlint]| Code Quality |
| Typescript | [Biome][Biome], [oxlint][oxlint]| Code Quality |
| YAML | [YAMLlint][YAMLlint]| Code Quality |
| Prisma | [Prisma Lint][PrismaLint]| Code Quality |

[ShellCheck]: /tools/shellcheck.md
[SQLFluff]: /tools/sqlfluff.md
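
Review bot: In the "All" row, OSV-Scanner is listed next to Gitleaks with no qualifier, but docs/tools/osv-scanner.md in this same change says CodeRabbit only runs it when the repository contains an `osv-scanner.toml` file. A reader scanning this table could conclude that dependency vulnerability scanning covers every repository; add a footnote or a short "(requires `osv-scanner.toml`)" marker to that cell. Separately, widening the Tools column rewrites every line of the table (43 additions and 42 deletions for one new cell and one link definition), which is acceptable if the formatter enforces it but makes the substantive change hard to spot in review.
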
Expand DownExpand Up@@ -88,3 +88,4 @@ For an overview of how CodeRabbit uses these tools when generating code reviews,
[PHPMD]: /tools/phpmd.md
[PHPCS]: /tools/phpcs.md
[Flake8]: /tools/flake8.md
[OSVScanner]: /tools/osv-scanner.md
29 changes: 29 additions & 0 deletions docs/tools/osv-scanner.md
@@ -0,0 +1,29 @@
---
title: OSV-Scanner
sidebar_label: OSV-Scanner
description: CodeRabbit's guide to OSV-Scanner.
---

```mdx-code-block
import ProPlanNotice from '@site/src/components/ProPlanNotice.mdx';

<ProPlanNotice />
```

[OSV-Scanner](https://github.com/google/osv-scanner) is Google's vulnerability scanner that identifies vulnerabilities in your project's dependencies using the [OSV.dev](https://osv.dev) database.

## Configuration

OSV-Scanner requires an `osv-scanner.toml` configuration file to run.

:::note

CodeRabbit will only run OSV-Scanner if your repository contains an `osv-scanner.toml` configuration file.

:::

## Links

- [OSV-Scanner GitHub Repository](https://github.com/google/osv-scanner)
- [OSV-Scanner Documentation](https://google.github.io/osv-scanner/)
- [OSV.dev Database](https://osv.dev)
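
Review bot: The Configuration section states twice that `osv-scanner.toml` is required (once in the paragraph, once in the `:::note`) but never shows what the file should contain or whether an empty file is enough to enable the scan. Add a minimal example or a pointer to the relevant page of the OSV-Scanner documentation, and say which condition applies, so users do not commit a placeholder file without knowing what it changes. The paragraph and the note can then be merged into one statement of the gating behaviour.
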
1 change: 1 addition & 0 deletions sidebars.ts
Expand Up@@ -202,6 +202,7 @@ const sidebars: SidebarsConfig = {
"tools/languagetool",
"tools/luacheck",
"tools/markdownlint",
"tools/osv-scanner",
"tools/oxlint",
"tools/phpcs",
"tools/phpmd",