skylos.dev


r/opensource · u/Fanta_futuro · 3 years ago · Posts

Python SAST Security Tools?

90% match
So, for my apprenticeship I have to find a new SAST Security Tool to integrate into a pipeline. The only actual boundary is that it has to be open-source. Just so you know, the pipeline runs into a Do
semgrep alternative
r/learnpython · u/WaterFromPotato · 3 years ago · Posts

Finding unused function/classes

90% match
Hi, Recently I rewrote some parts of my Python project in another language and I wanted to remove no-longer-used code. I started to use vulture https://github.com/jendrikseipp/vulture which works fine for most simple cases, but where I have 2 functions with the same name in different contexts (one is a class method, the second is a normal function) and only one is used, the tool cannot find such a situation. Is there any more advanced tool (best if Python has this built in) to find more examples of unused code?
find unused code python
r/devsecops · u/Sweaty_Committee_609 · 10 months ago · Posts

Need genuine suggestions for SAST tool for my startup (budget friendly)

88% match
I need a good SAST tool that also works well for cloud security. Been using Semgrep for SAST + cloud security checks, but it’s getting pricey for me lately. Looking for an affordable alternative that
semgrep alternative
r/opensource · u/Fanta_futuro · 3 years ago · Posts

Python SAST Security Tools?

78% match
So, for my apprenticeship I have to find a new SAST Security Tool to integrate into a pipeline. The only actual boundary is that it has to be open-source. Just so you know, the pipeline runs into a Docker container. It would be better if it is easily implementable (in this project we use mainly Docker, maven and pip to install new tools in the container). Another guideline would be to find a tool that analyzes widely used languages (like Python or Java). Alternatively, it can do other stuff but it should be simple enough for me to understand it (maybe policy testers are out of my league? I dunno). We already use Trivy, Bandit, Semgrep, Safety, Checkov, [and under maven:] Spotbugs, OWASP DC and Spotless (Technically also Kubescape and Talisman but we have not fully developed them yet). Before you ask, yes... I've tried to search on my own (pretty deeply, I think). So this is what my previous tries/alternatives are: Flawfinder (a bit tricky to install and analyzes only C/C++); Pysa/Pyrecheck (it's not easy to install, hard to understand, and prints strange errors); Bearer (probably my choice if I don't find a Python alternative but... I hate Java). Sorry for the long message and thanks to all for any advice or answer on the post. Of course I don't expect you to research, that is my job. Just write if anything pops into your mind. Thx again!
semgrep alternative
r/webdev · u/Shot-Bag-9219 · 3 years ago · Posts

Open source tool to prevent api-keys from leaking to git and detect hardcoded secrets

65% match
detect hardcoded secrets
r/vibecoding · u/vibelint_dev · 2 months ago · Posts

Built a guardrail for vibe coding after AI slipped a hardcoded secret into my app

60% match
While building with AI agents, I realized the biggest problem wasn’t getting code generated — it was trusting code that looked fine and worked. In one case, I shipped code that exposed a secret. Afte
detect hardcoded secrets
r/learnpython · u/WaterFromPotato · 3 years ago · Posts

Finding unused function/classes

60% match
Hi, Recently I rewrote some parts of my Python project in another language and I wanted to remove no-longer-used code. I started to use vulture [https://github.com/jendrikseipp/vulture](https
unused functions python
r/Python · u/djinn_09 · 6 months ago · Posts

CytoScnPy: Python Dead Code Detection

55% match
What My Project Does: CytoScnPy is a fast, practical static analysis tool for Python that focuses on identifying dead code, basic security risks, and simple code quality metrics—with
find unused code python
r/learnpython · u/olddoglearnsnewtrick · 3 years ago · Posts

Tips for detecting unused functions

55% match
In the past 6 months I've written 9 python jobs, each of which can include one or more of 5 modules I've written which live in the same project tree. Each of these modules contains a few dozen functi
unused functions python
r/gitlab · u/teyhouse · 3 years ago · Posts

Implement SAST

55% match
I would like to implement SAST Scanning in our company. Due to budget constraints preventing us from obtaining GitLab Ultimate, we are planning to take on this task ourselves. We currently operate both an On-Premises GitLab instance and a GitLab SaaS instance. For our On-Premises setup, we are considering using a pre-receive hook on the server-side in conjunction with tools like Semgrep or similar solutions. However, I'm unsure about the feasibility of achieving the same in GitLab SaaS. I came across some information about the Gitaly CLI, but I lack sufficient experience in this area to make a judgment. Another challenge we face is performing scans on all existing repositories without relying on our developers to implement individual pipelines. Our aim is to establish a centralized approach to ensure consistency. One approach I've considered is creating a container that periodically clones all repositories and conducts scans. However, I'm concerned about the potential resource-intensive nature of this method. I'm open to alternative suggestions that might be more resource-efficient. I'm looking forward to your insights and ideas. Thank you in advance!
semgrep alternative

2026 RedReplier. All hands on deck.