Automated security gate for SENG 473 Information Security Final Project.
| Name | Student ID |
|---|---|
| Fadumo Jamal Salad | 210208954 |
| Hafsa Omar Ismail Samatar | 210208735 |
| Sabreen Elmi Aidarus Gure | 210208856 |
Automatically scans code for security issues on every push and blocks deployment if vulnerabilities are found.
- Stage 1 - Gitleaks → detects hardcoded secrets and API keys
- Stage 2 - Bandit → detects SQL injection and code vulnerabilities
- Stage 3 - pip-audit → detects vulnerable outdated libraries (44 CVEs found)
| Type | Location | Tool |
|---|---|---|
| Hardcoded secrets | app.py lines 7-9 | Gitleaks + Bandit |
| SQL Injection | app.py line 45 | Bandit |
| Outdated libraries | requirements.txt | pip-audit |
cd app
python app.py