Skip to content

SSWConsulting/SSW.CodeAuditor

Repository files navigation

SSW Code Auditor

Build Status Docker Pull Docker Size

SSW CodeAuditor is a code and link analysis tool that allows users to identify broken links or code, view the overall performance of your website, ensuring large, complex source code can be simplified, cleaned and maintained. With CodeAuditor, you can:

  • View prior scan history - View previous scan results
  • Export to CSV - Export scan result to CSV to perform further analysis (PowerBI)
  • View Lighthouse report - See Lighthouse numbers within CodeAuditor
  • Set Lighthouse threshold - E.g. If performance is less than 80 and SEO score is less than 100, fail the build
  • Ignore broken links - Ignored URLs will not cause build to fail
  • View code errors - View HTML code errors and code errors within CodeAuditor

Architecture Diagram

image

Figure: CodeAuditor Architecture Diagram

Usage

  1. Sign up for free at https://codeauditor.com and get your token
  2. Make sure Docker is installed and running on your local machine
  3. Use the token from step 1 and run the follow Docker command
docker run sswconsulting/codeauditor <YourToken> --url <URL>

npm start

CodeAuditor Workflow

Additionally, you can also use CodeAuditor Workflow on GitHub Marketplace and run it as part of your GitHub Action simply by following the steps from CodeAuditor Workflow

Make sure you specifying the following inputs:

name required type description
GitHub_Token yes string Your repo default GitHub token i.e. using "${{ github.token }}"
Make sure you grant the token permission to create issue
token yes string Your personal CodeAuditor token that can be found on CodeAuditor's How It Works page
url yes string The url used on your CodeAuditor scan
AlertIssue no boolean Set to "true" if you want to switch on issue alert feature
GoMaxthread no number Set the maximum number of threads for Golang web scraping (Default is 100)

Example usage

name: Test CodeAuditor Workflow

jobs:
  build:
    runs-on: ubuntu-latest
    permissions: 
      issues: write
    steps:
      - uses: actions/checkout@v3
      - name: CodeAuditor Feedback Loop Workflow
        uses: tombui99/[email protected]
        with:
          # Your CodeAuditor token
          token: \${{ secrets.CODEAUDITORTOKEN }}
          # Your Scan URL
          url: \${{ vars.SCANURL }}
          # Your GitHub Token
          GitHub_Token: \${{ github.token }}

To start developing CodeAuditor:

We always welcome contributions. If you are interested in contributing, please take a look at our CONTRIBUTING guide

Table of Content

  1. General
  2. System Pre-reqs
  3. Required Tools
  4. Change flow
  5. Definition of Done
  6. Deployment
  7. Running the Project
  8. Testing your changes locally
  9. Adding your own custom HTML rule

Technologies used in CodeAuditor

Front End:

SvelteJs - Free and open-source JavaScript framework

Back End:

Firebase - CodeAuditor uses Firebase API, allowing developers to avoid managing servers or writing server-side code

Why Firebase?

  • Easy to use and save a lot time because all the server operations and internal functions are taken care of by the Firebase interface
  • Developers can spend more time developing the app
  • The idea of firebase is to quickly validate your idea then you can simply migrate that to a proper "enterprise" set up

Tool:

Docker - Platform as a service (PaaS) product that uses OS-level virtualization to deliver software in packages

Getting help

  • Leave comments on your PR and @ people for attention
  • Bring it up with the team
  • Edit the Wiki
  • For help: email the Product Champion or ask on Teams