htrgouvea / fuzzpm
Differential Fuzzer to hunt for logic bugs on Perl Modules
Home Page: https://heitorgouvea.me/2021/12/08/Differential-Fuzzing-Perl-Libs
License: Other
It is necessary to add ZARN (github.com/htrgouvea/zarn) as a SAST resource to check for security issues in all code that is inserted into this repository.
Ideally, this is a step that you execute with each new PR.
The integration of unit testing is not merely a best practice but a crucial step toward ensuring the reliability and resilience of our codebase. By conducting targeted tests on individual components, we fortify our project against bugs, elevate code stability, and lay the foundation for seamless collaboration.
Unit testing offers early bug detection, instills confidence during refactoring, and serves as living documentation for our code. In our context, it translates to enhanced code quality, improved collaboration, and accelerated development.
To kickstart this process, let's identify critical components, select a fitting testing framework, craft comprehensive test cases, and seamlessly integrate tests into our CI/CD pipeline.
The idea here is to use FuzzPM itself to fuzz the dependencies of:
https://github.com/htrgouvea/spellbook
https://github.com/htrgouvea/nozaki
https://github.com/htrgouvea/nipe
https://github.com/htrgouvea/fuzzpm
https://github.com/htrgouvea/harpoon
https://github.com/htrgouvea/zarn
The objective is to implement a continuous process, perhaps using GitHub Actions, so that this fuzzing process tries to find bugs in the dependencies and thus helps increase the security maturity of each of the projects.
Using an SCA (Software Composition Analysis) is super important for code integrity and application security. There is no SCA present in this repository yet, so I am opening this issue to plan this activity.
Reference: https://owasp.org/www-community/Component_Analysis