Commitf2c5c96

committed

adding osv-scanner

1 parentbf13a49 commitf2c5c96Copy full SHA for f2c5c96

File tree

3 files changed

+80

-42

lines changed

docs
- changelog.md
- tools
  - list.md
  - osv-scanner.md

3 files changed

+80

-42

lines changed

`‎docs/changelog.md‎`

Lines changed: 8 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -5,6 +5,14 @@ description: The latest updates and changes to CodeRabbit.`
`5`	`5`	`sidebar_position:13`
`6`	`6`	`---`
`7`	`7`
	`8`	`+##August 14, 2025`
	`9`	`+`
	`10`	`+###OSV-Scanner Integration`
	`11`	`+`
	`12`	`+We've added support for[OSV-Scanner](https://github.com/google/osv-scanner), Google's vulnerability scanner that identifies security vulnerabilities in your project's dependencies and installed packages using the[OSV.dev](https://osv.dev) database.`
	`13`	`+`
	`14`	+OSV-Scanner requires an`osv-scanner.toml` configuration file to run. See our[OSV-Scanner documentation](/tools/osv-scanner) for more details.
	`15`	`+`
`8`	`16`	`##August 4, 2025`
`9`	`17`
`10`	`18`	`###Model Context Protocol (MCP) Server Integration - Early Access`

`‎docs/tools/list.md‎`

Lines changed: 43 additions & 42 deletions

Original file line number	Diff line number	Diff line change
`@@ -9,48 +9,48 @@ For more information about fine-tuning the CodeRabbit configuration of a tool, c`
`9`	`9`
`10`	`10`	`For an overview of how CodeRabbit uses these tools when generating code reviews, as well as general information about controlling their use, see[Configure third-party tools](/tools/).`
`11`	`11`
`12`		`-\| Technology\| Tools\| Category\|`
`13`		`-\| :--------------------------\| :---------------------------------------------------------\| :--------------------------------------------------\|`
`14`		`-\| All\|[Gitleaks][Gitleaks],[Pipeline Remediation][Pipeline]\| Code Security, CI/CD\|`
`15`		`-\| Azure DevOps Pipelines\|[Pipeline Remediation][Pipeline]\| CI/CD Failure Remediation\|`
`16`		`-\| CircleCI\|[CircleCI][CircleCI],[Pipeline Remediation][Pipeline]\| Configuration Validation, CI/CD Failure Remediation\|`
`17`		`-\| CloudFormation\|[Checkov][Checkov]\| Code Security\|`
`18`		`-\| Cppcheck\|[Cppcheck][Cppcheck]\| Code Quality\|`
`19`		`-\| CSS\|[Biome][Biome]\| Code Quality\|`
`20`		`-\| Docker\|[Hadolint][Hadolint],[Checkov][Checkov]\| Code Quality, Code Security\|`
`21`		`-\| Environment Files (.env)\|[Dotenv Linter][DotenvLinter]\| Code Quality\|`
`22`		`-\| GitHub Actions\|[actionlint][actionlint],[Pipeline Remediation][Pipeline]\| Code Quality, CI/CD Failure Remediation\|`
`23`		`-\| GitLab Pipelines\|[Pipeline Remediation][Pipeline]\| CI/CD Failure Remediation\|`
`24`		`-\| Go\|[golangci-lint][golangci-lint]\| Code Quality\|`
`25`		`-\| Helm\|[Checkov][Checkov]\| Code Security\|`
`26`		`-\| HTML\|[HTMLHint][HTMLHint]\| Code Quality\|`
`27`		`-\| Javascript\|[Biome][Biome],[oxlint][oxlint]\| Code Quality\|`
`28`		`-\| JSON, JSONC\|[Biome][Biome]\| Code Quality\|`
`29`		`-\| JSX\|[Biome][Biome],[oxlint][oxlint]\| Code Quality\|`
`30`		`-\| Kotlin\|[detekt][detekt]\| Code Quality\|`
`31`		`-\| Kubernetes\|[Checkov][Checkov]\| Code Security\|`
`32`		`-\| Lua\|[Luacheck][Luacheck]\| Code Quality\|`
`33`		`-\| Makefile\|[Checkmake][Checkmake]\| Code Quality\|`
`34`		`-\| Markdown\|[markdownlint][markdownlint],[LanguageTool][LanguageTool]\| Code Quality, Grammar Checking\|`
`35`		`-\| PHP\|[PHPStan][PHPStan],[PHPMD][PHPMD],[PHPCS][PHPCS]\| Code Quality\|`
`36`		`-\| Plaintext\|[LanguageTool][LanguageTool]\| Grammar and Spell Checking\|`
`37`		`-\| Java\|[PMD][PMD]\| Code Quality\|`
`38`		`-\| Protobuf\|[Buf][Buf]\| Code Quality\|`
`39`		`-\| Python\|[Ruff][Ruff],[Pylint][Pylint],[Flake8][Flake8]\| Code Quality\|`
`40`		`-\| Jupyter Notebooks\|[Ruff][Ruff],[Pylint][Pylint],[Flake8][Flake8]\| Code Quality\|`
`41`		`-\| Regal\|[Regal][Regal]\| Code Quality\|`
`42`		`-\| Ruby\|[RuboCop][RuboCop],[Brakeman][Brakeman]\| Code Quality, Code Security\|`
`43`		`-\| Rust\|[Clippy][Clippy]\| Code Quality\|`
`44`		`-\| Semgrep\|[Semgrep][Semgrep]\| Code Security\|`
`45`		`-\| Shell (sh, bash, ksh, dash)\|[ShellCheck][ShellCheck]\| Code Quality\|`
`46`		`-\| Shopify\|[Shopify CLI][ShopifyCLI]\| Code Quality\|`
`47`		`-\| SQL\|[SQLFluff][SQLFluff]\| Code Quality\|`
`48`		`-\| Swift\|[SwiftLint][SwiftLint]\| Code Quality\|`
`49`		`-\| Terraform\|[Checkov][Checkov]\| Code Security\|`
`50`		`-\| TSX\|[Biome][Biome],[oxlint][oxlint]\| Code Quality\|`
`51`		`-\| Typescript\|[Biome][Biome],[oxlint][oxlint]\| Code Quality\|`
`52`		`-\| YAML\|[YAMLlint][YAMLlint]\| Code Quality\|`
`53`		`-\| Prisma\|[Prisma Lint][PrismaLint]\| Code Quality\|`
	`12`	`+\| Technology\| Tools\| Category\|`
	`13`	`+\| :--------------------------\| :--------------------------------------------------------------------------------\| :--------------------------------------------------\|`
	`14`	`+\| All\|[Gitleaks][Gitleaks],[OSV-Scanner][OSVScanner],[Pipeline Remediation][Pipeline]\| Code Security, CI/CD\|`
	`15`	`+\| Azure DevOps Pipelines\|[Pipeline Remediation][Pipeline]\| CI/CD Failure Remediation\|`
	`16`	`+\| CircleCI\|[CircleCI][CircleCI],[Pipeline Remediation][Pipeline]\| Configuration Validation, CI/CD Failure Remediation\|`
	`17`	`+\| CloudFormation\|[Checkov][Checkov]\| Code Security\|`
	`18`	`+\| Cppcheck\|[Cppcheck][Cppcheck]\| Code Quality\|`
	`19`	`+\| CSS\|[Biome][Biome]\| Code Quality\|`
	`20`	`+\| Docker\|[Hadolint][Hadolint],[Checkov][Checkov]\| Code Quality, Code Security\|`
	`21`	`+\| Environment Files (.env)\|[Dotenv Linter][DotenvLinter]\| Code Quality\|`
	`22`	`+\| GitHub Actions\|[actionlint][actionlint],[Pipeline Remediation][Pipeline]\| Code Quality, CI/CD Failure Remediation\|`
	`23`	`+\| GitLab Pipelines\|[Pipeline Remediation][Pipeline]\| CI/CD Failure Remediation\|`
	`24`	`+\| Go\|[golangci-lint][golangci-lint]\| Code Quality\|`
	`25`	`+\| Helm\|[Checkov][Checkov]\| Code Security\|`
	`26`	`+\| HTML\|[HTMLHint][HTMLHint]\| Code Quality\|`
	`27`	`+\| Javascript\|[Biome][Biome],[oxlint][oxlint]\| Code Quality\|`
	`28`	`+\| JSON, JSONC\|[Biome][Biome]\| Code Quality\|`
	`29`	`+\| JSX\|[Biome][Biome],[oxlint][oxlint]\| Code Quality\|`
	`30`	`+\| Kotlin\|[detekt][detekt]\| Code Quality\|`
	`31`	`+\| Kubernetes\|[Checkov][Checkov]\| Code Security\|`
	`32`	`+\| Lua\|[Luacheck][Luacheck]\| Code Quality\|`
	`33`	`+\| Makefile\|[Checkmake][Checkmake]\| Code Quality\|`
	`34`	`+\| Markdown\|[markdownlint][markdownlint],[LanguageTool][LanguageTool]\| Code Quality, Grammar Checking\|`
	`35`	`+\| PHP\|[PHPStan][PHPStan],[PHPMD][PHPMD],[PHPCS][PHPCS]\| Code Quality\|`
	`36`	`+\| Plaintext\|[LanguageTool][LanguageTool]\| Grammar and Spell Checking\|`
	`37`	`+\| Java\|[PMD][PMD]\| Code Quality\|`
	`38`	`+\| Protobuf\|[Buf][Buf]\| Code Quality\|`
	`39`	`+\| Python\|[Ruff][Ruff],[Pylint][Pylint],[Flake8][Flake8]\| Code Quality\|`
	`40`	`+\| Jupyter Notebooks\|[Ruff][Ruff],[Pylint][Pylint],[Flake8][Flake8]\| Code Quality\|`
	`41`	`+\| Regal\|[Regal][Regal]\| Code Quality\|`
	`42`	`+\| Ruby\|[RuboCop][RuboCop],[Brakeman][Brakeman]\| Code Quality, Code Security\|`
	`43`	`+\| Rust\|[Clippy][Clippy]\| Code Quality\|`
	`44`	`+\| Semgrep\|[Semgrep][Semgrep]\| Code Security\|`
	`45`	`+\| Shell (sh, bash, ksh, dash)\|[ShellCheck][ShellCheck]\| Code Quality\|`
	`46`	`+\| Shopify\|[Shopify CLI][ShopifyCLI]\| Code Quality\|`
	`47`	`+\| SQL\|[SQLFluff][SQLFluff]\| Code Quality\|`
	`48`	`+\| Swift\|[SwiftLint][SwiftLint]\| Code Quality\|`
	`49`	`+\| Terraform\|[Checkov][Checkov]\| Code Security\|`
	`50`	`+\| TSX\|[Biome][Biome],[oxlint][oxlint]\| Code Quality\|`
	`51`	`+\| Typescript\|[Biome][Biome],[oxlint][oxlint]\| Code Quality\|`
	`52`	`+\| YAML\|[YAMLlint][YAMLlint]\| Code Quality\|`
	`53`	`+\| Prisma\|[Prisma Lint][PrismaLint]\| Code Quality\|`
`54`	`54`
`55`	`55`	`[ShellCheck]:/tools/shellcheck.md`
`56`	`56`	`[SQLFluff]:/tools/sqlfluff.md`
`@@ -88,3 +88,4 @@ For an overview of how CodeRabbit uses these tools when generating code reviews,`
`88`	`88`	`[PHPMD]:/tools/phpmd.md`
`89`	`89`	`[PHPCS]:/tools/phpcs.md`
`90`	`90`	`[Flake8]:/tools/flake8.md`
	`91`	`+[OSVScanner]:/tools/osv-scanner.md`

`‎docs/tools/osv-scanner.md‎`

Lines changed: 29 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,29 @@`
	`1`	`+---`
	`2`	`+title:OSV-Scanner`
	`3`	`+sidebar_label:OSV-Scanner`
	`4`	`+description:CodeRabbit's guide to OSV-Scanner.`
	`5`	`+---`
	`6`	`+`
	`7`	+```mdx-code-block
	`8`	`+import ProPlanNotice from '@site/src/components/ProPlanNotice.mdx';`
	`9`	`+`
	`10`	`+<ProPlanNotice />`
	`11`	+```
	`12`	`+`
	`13`	`+[OSV-Scanner](https://github.com/google/osv-scanner) is Google's vulnerability scanner that identifies vulnerabilities in your project's dependencies using the[OSV.dev](https://osv.dev) database.`
	`14`	`+`
	`15`	`+##Configuration`
	`16`	`+`
	`17`	+OSV-Scanner requires an`osv-scanner.toml` configuration file to run.
	`18`	`+`
	`19`	`+:::note`
	`20`	`+`
	`21`	+CodeRabbit will only run OSV-Scanner if your repository contains an`osv-scanner.toml` configuration file.
	`22`	`+`
	`23`	`+:::`
	`24`	`+`
	`25`	`+##Links`
	`26`	`+`
	`27`	`+-[OSV-Scanner GitHub Repository](https://github.com/google/osv-scanner)`
	`28`	`+-[OSV-Scanner Documentation](https://google.github.io/osv-scanner/)`
	`29`	`+-[OSV.dev Database](https://osv.dev)`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commitf2c5c96

File tree

3 files changed

3 files changed

`‎docs/changelog.md‎`

`‎docs/tools/list.md‎`

`‎docs/tools/osv-scanner.md‎`

0 commit comments