Show HN: CommitGate – Automatically scan your commit for vulnerabilities

https://github.com/ductrl/CommitGate
4•ductrl•8h ago
Hello HN! I built a pre-commit code scanner that checks your staged changes for security vulnerabilities every time you run 'git commit'.

I am an inexperienced programmer and this is my first personal project. Any feedback, positive or negative, big or small, relevant or not, would be greatly helpful and appreciated!

The tool requires Gitleaks and Python to run. You will also need to use your own AI API key, which I understand is a big setup friction. You can check out my demo video instead if that is more convenient: https://youtu.be/ZYe5vWFRTus?si=9Fv8DhTHktwDK4mV

Thank you so much for giving my project a try!!!

Comments

buffer_overlord•8h ago
Vu1nz does something similar but at the PR level
ductrl•8h ago
I am aware of existing tools doing the same thing at the PR level. I wanted to create a tool for commits since it is when the changes enter Git history.

I am also wondering if it makes more sense to have the tool check right before a push instead, since that's when the vulnerabilities actually get sent to the Internet.

buffer_overlord•6h ago
The problem for me was contributions: I was getting 183 a day and couldn’t figure out what was malware and what was legit, so my friend built me vu1nz.
asadeddin•4h ago
Full disclosure, Ahmad, CEO at Corgea.

Interesting approach, catching vulns at commit time before CI runs saves cycles. The challenge is always false positive rate at that stage and the AI inference time. How fast is the review? I saw the demo video and it seems you cut to the results.

Bnjoroge•30m ago
Personally, I disable pre-commit hooks because they’re annoying and slow me down. A pre-push hook would make more sense. Secondly, I’d ideally want to use my codex/claude subs for this, not an API key.
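
The commit-time versus push-time question raised in this thread comes down to which commits a hook is handed. As an added example (not CommitGate's code), this pre-push hook skeleton derives the outgoing commit range from the lines Git passes on stdin; `scan-range` and the `SCANNER` variable are hypothetical stand-ins for whatever scanner is run.

```shell
#!/bin/sh
# Added example (assumption-labelled): save as .git/hooks/pre-push.
# Git writes one line per pushed ref to the hook's stdin:
#   <local ref> <local object id> <remote ref> <remote object id>
# An all-zero id means "does not exist" on that side.

is_zero() { case $1 in *[!0]*) return 1 ;; *) return 0 ;; esac; }

# push_range LOCAL_ID REMOTE_ID
# Prints the revision range of commits about to leave the machine,
# or nothing when the push only deletes a remote ref.
push_range() {
    if is_zero "$1"; then
        return 0                    # deletion: nothing to scan
    elif is_zero "$2"; then
        printf '%s\n' "$1"          # new ref: all history reachable from it
    else
        printf '%s\n' "$2..$1"      # update: only commits the remote lacks
    fi
}

# scan_push SCANNER
# Runs SCANNER once per range read from stdin; returns non-zero (which makes
# Git abort the push) if any run fails. SCANNER is a hypothetical command.
scan_push() {
    status=0
    while read -r _lref local_id _rref remote_id; do
        range=$(push_range "$local_id" "$remote_id")
        [ -n "$range" ] || continue
        "$1" "$range" </dev/null || status=1
    done
    return "$status"
}

# Run only when installed as the hook, so the functions can be sourced alone.
case ${0##*/} in
    pre-push) scan_push "${SCANNER:-scan-range}" ;;
esac
```

Because the range is computed per pushed ref, a push of several branches is scanned branch by branch, and a single failing scan blocks the whole push.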
