diff --git a/docs/changelog.md b/docs/changelog.md
index 21d85d40..aa41bf94 100644
--- a/docs/changelog.md
+++ b/docs/changelog.md
@@ -5,6 +5,14 @@ description: The latest updates and changes to CodeRabbit.
 sidebar_position: 13
 ---
 
+## August 14, 2025
+
+### OSV-Scanner Integration
+
+We've added support for [OSV-Scanner](https://github.com/google/osv-scanner), Google's vulnerability scanner that identifies security vulnerabilities in your project's dependencies and installed packages using the [OSV.dev](https://osv.dev) database.
+
+OSV-Scanner requires an `osv-scanner.toml` configuration file to run. See our [OSV-Scanner documentation](/tools/osv-scanner) for more details.
+
 ## August 4, 2025
 
 ### Model Context Protocol (MCP) Server Integration - Early Access
diff --git a/docs/tools/list.md b/docs/tools/list.md
index f81880a3..5cf04507 100644
--- a/docs/tools/list.md
+++ b/docs/tools/list.md
@@ -9,48 +9,48 @@ For more information about fine-tuning the CodeRabbit configuration of a tool, c
 
 For an overview of how CodeRabbit uses these tools when generating code reviews, as well as general information about controlling their use, see [Configure third-party tools](/tools/).
 
-| Technology | Tools | Category |
-| :-------------------------- | :--------------------------------------------------------- | :-------------------------------------------------- |
-| All | [Gitleaks][Gitleaks], [Pipeline Remediation][Pipeline] | Code Security, CI/CD |
-| Azure DevOps Pipelines | [Pipeline Remediation][Pipeline] | CI/CD Failure Remediation |
-| CircleCI | [CircleCI][CircleCI], [Pipeline Remediation][Pipeline] | Configuration Validation, CI/CD Failure Remediation |
-| CloudFormation | [Checkov][Checkov] | Code Security |
-| Cppcheck | [Cppcheck][Cppcheck] | Code Quality |
-| CSS | [Biome][Biome] | Code Quality |
-| Docker | [Hadolint][Hadolint], [Checkov][Checkov] | Code Quality, Code Security |
-| Environment Files (.env) | [Dotenv Linter][DotenvLinter] | Code Quality |
-| GitHub Actions | [actionlint][actionlint], [Pipeline Remediation][Pipeline] | Code Quality, CI/CD Failure Remediation |
-| GitLab Pipelines | [Pipeline Remediation][Pipeline] | CI/CD Failure Remediation |
-| Go | [golangci-lint][golangci-lint] | Code Quality |
-| Helm | [Checkov][Checkov] | Code Security |
-| HTML | [HTMLHint][HTMLHint] | Code Quality |
-| Javascript | [Biome][Biome], [oxlint][oxlint] | Code Quality |
-| JSON, JSONC | [Biome][Biome] | Code Quality |
-| JSX | [Biome][Biome], [oxlint][oxlint] | Code Quality |
-| Kotlin | [detekt][detekt] | Code Quality |
-| Kubernetes | [Checkov][Checkov] | Code Security |
-| Lua | [Luacheck][Luacheck] | Code Quality |
-| Makefile | [Checkmake][Checkmake] | Code Quality |
-| Markdown | [markdownlint][markdownlint], [LanguageTool][LanguageTool] | Code Quality, Grammar Checking |
-| PHP | [PHPStan][PHPStan], [PHPMD][PHPMD], [PHPCS][PHPCS] | Code Quality |
-| Plaintext | [LanguageTool][LanguageTool] | Grammar and Spell Checking |
-| Java | [PMD][PMD] | Code Quality |
-| Protobuf | [Buf][Buf] | Code Quality |
-| Python | [Ruff][Ruff], [Pylint][Pylint], [Flake8][Flake8] | Code Quality |
-| Jupyter Notebooks | [Ruff][Ruff], [Pylint][Pylint], [Flake8][Flake8] | Code Quality |
-| Regal | [Regal][Regal] | Code Quality |
-| Ruby | [RuboCop][RuboCop], [Brakeman][Brakeman] | Code Quality, Code Security |
-| Rust | [Clippy][Clippy] | Code Quality |
-| Semgrep | [Semgrep][Semgrep] | Code Security |
-| Shell (sh, bash, ksh, dash) | [ShellCheck][ShellCheck] | Code Quality |
-| Shopify | [Shopify CLI][ShopifyCLI] | Code Quality |
-| SQL | [SQLFluff][SQLFluff] | Code Quality |
-| Swift | [SwiftLint][SwiftLint] | Code Quality |
-| Terraform | [Checkov][Checkov] | Code Security |
-| TSX | [Biome][Biome], [oxlint][oxlint] | Code Quality |
-| Typescript | [Biome][Biome], [oxlint][oxlint] | Code Quality |
-| YAML | [YAMLlint][YAMLlint] | Code Quality |
-| Prisma | [Prisma Lint][PrismaLint] | Code Quality |
+| Technology | Tools | Category |
+| :-------------------------- | :-------------------------------------------------------------------------------- | :-------------------------------------------------- |
+| All | [Gitleaks][Gitleaks], [OSV-Scanner][OSVScanner], [Pipeline Remediation][Pipeline] | Code Security, CI/CD |
+| Azure DevOps Pipelines | [Pipeline Remediation][Pipeline] | CI/CD Failure Remediation |
+| CircleCI | [CircleCI][CircleCI], [Pipeline Remediation][Pipeline] | Configuration Validation, CI/CD Failure Remediation |
+| CloudFormation | [Checkov][Checkov] | Code Security |
+| Cppcheck | [Cppcheck][Cppcheck] | Code Quality |
+| CSS | [Biome][Biome] | Code Quality |
+| Docker | [Hadolint][Hadolint], [Checkov][Checkov] | Code Quality, Code Security |
+| Environment Files (.env) | [Dotenv Linter][DotenvLinter] | Code Quality |
+| GitHub Actions | [actionlint][actionlint], [Pipeline Remediation][Pipeline] | Code Quality, CI/CD Failure Remediation |
+| GitLab Pipelines | [Pipeline Remediation][Pipeline] | CI/CD Failure Remediation |
+| Go | [golangci-lint][golangci-lint] | Code Quality |
+| Helm | [Checkov][Checkov] | Code Security |
+| HTML | [HTMLHint][HTMLHint] | Code Quality |
+| Javascript | [Biome][Biome], [oxlint][oxlint] | Code Quality |
+| JSON, JSONC | [Biome][Biome] | Code Quality |
+| JSX | [Biome][Biome], [oxlint][oxlint] | Code Quality |
+| Kotlin | [detekt][detekt] | Code Quality |
+| Kubernetes | [Checkov][Checkov] | Code Security |
+| Lua | [Luacheck][Luacheck] | Code Quality |
+| Makefile | [Checkmake][Checkmake] | Code Quality |
+| Markdown | [markdownlint][markdownlint], [LanguageTool][LanguageTool] | Code Quality, Grammar Checking |
+| PHP | [PHPStan][PHPStan], [PHPMD][PHPMD], [PHPCS][PHPCS] | Code Quality |
+| Plaintext | [LanguageTool][LanguageTool] | Grammar and Spell Checking |
+| Java | [PMD][PMD] | Code Quality |
+| Protobuf | [Buf][Buf] | Code Quality |
+| Python | [Ruff][Ruff], [Pylint][Pylint], [Flake8][Flake8] | Code Quality |
+| Jupyter Notebooks | [Ruff][Ruff], [Pylint][Pylint], [Flake8][Flake8] | Code Quality |
+| Regal | [Regal][Regal] | Code Quality |
+| Ruby | [RuboCop][RuboCop], [Brakeman][Brakeman] | Code Quality, Code Security |
+| Rust | [Clippy][Clippy] | Code Quality |
+| Semgrep | [Semgrep][Semgrep] | Code Security |
+| Shell (sh, bash, ksh, dash) | [ShellCheck][ShellCheck] | Code Quality |
+| Shopify | [Shopify CLI][ShopifyCLI] | Code Quality |
+| SQL | [SQLFluff][SQLFluff] | Code Quality |
+| Swift | [SwiftLint][SwiftLint] | Code Quality |
+| Terraform | [Checkov][Checkov] | Code Security |
+| TSX | [Biome][Biome], [oxlint][oxlint] | Code Quality |
+| Typescript | [Biome][Biome], [oxlint][oxlint] | Code Quality |
+| YAML | [YAMLlint][YAMLlint] | Code Quality |
+| Prisma | [Prisma Lint][PrismaLint] | Code Quality |
 
 [ShellCheck]: /tools/shellcheck.md
 [SQLFluff]: /tools/sqlfluff.md
@@ -88,3 +88,4 @@ For an overview of how CodeRabbit uses these tools when generating code reviews,
 [PHPMD]: /tools/phpmd.md
 [PHPCS]: /tools/phpcs.md
 [Flake8]: /tools/flake8.md
+[OSVScanner]: /tools/osv-scanner.md
diff --git a/docs/tools/osv-scanner.md b/docs/tools/osv-scanner.md
new file mode 100644
index 00000000..02439f98
--- /dev/null
+++ b/docs/tools/osv-scanner.md
@@ -0,0 +1,29 @@
+---
+title: OSV-Scanner
+sidebar_label: OSV-Scanner
+description: CodeRabbit's guide to OSV-Scanner.
+---
+
+```mdx-code-block
+import ProPlanNotice from '@site/src/components/ProPlanNotice.mdx';
+
+
+```
+
+[OSV-Scanner](https://github.com/google/osv-scanner) is Google's vulnerability scanner that identifies vulnerabilities in your project's dependencies using the [OSV.dev](https://osv.dev) database.
+
+## Configuration
+
+OSV-Scanner requires an `osv-scanner.toml` configuration file to run.
+
+:::note
+
+CodeRabbit will only run OSV-Scanner if your repository contains an `osv-scanner.toml` configuration file.
+
+:::
+
+## Links
+
+- [OSV-Scanner GitHub Repository](https://github.com/google/osv-scanner)
+- [OSV-Scanner Documentation](https://google.github.io/osv-scanner/)
+- [OSV.dev Database](https://osv.dev)
diff --git a/sidebars.ts b/sidebars.ts
index 31081f0c..f46d521a 100644
--- a/sidebars.ts
+++ b/sidebars.ts
@@ -202,6 +202,7 @@ const sidebars: SidebarsConfig = {
 "tools/languagetool",
 "tools/luacheck",
 "tools/markdownlint",
+ "tools/osv-scanner",
 "tools/oxlint",
 "tools/phpcs",
 "tools/phpmd",