Hacker News
Need for speed: static analysis version (r2c.dev) | 2 points by dbaupp on Nov 29, 2022
Autofixing Code with Semgrep (r2c.dev) | 1 point by natmote on Nov 3, 2022
Ignore 98% of dependency alerts: introducing Semgrep Supply Chain (r2c.dev) | 176 points by ievans on Oct 4, 2022 | 59 comments
r2c: An open source-tool for software security (r2c.dev) | 1 point by Extropy_ on Feb 12, 2022
Keep your Semgrep static analysis rules simple with symbolic propagation (r2c.dev) | 3 points by todsacerdoti on Feb 10, 2022
JavaScript static analysis comparison: ESLint vs. Semgrep (r2c.dev) | 1 point by ievans on Jan 28, 2022
The best, free, open-source supply-chain security tool? The lockfile (r2c.dev) | 1 point by mooreds on Jan 27, 2022
The best free, open-source supply-chain security tool? The lockfile (r2c.dev) | 3 points by h1x on Jan 22, 2022
The best free, open-source supply-chain security tool? The lockfile (r2c.dev) | 5 points by moyer on Jan 21, 2022 | 1 comment
Semgrep: A Static Analysis Journey (r2c.dev) | 9 points by todsacerdoti on Nov 9, 2021
Semgrep taint mode is now in beta (r2c.dev) | 1 point by todsacerdoti on Oct 22, 2021
Protect Your GitHub Actions with Semgrep (r2c.dev) | 4 points by ievans on Oct 5, 2021
Semgrep for GitLab (r2c.dev) | 9 points by pabloest on June 22, 2021
Appsec Development: Keeping it all together at scale (r2c.dev) | 2 points by mooreds on Feb 14, 2021
Should random() be banned? (r2c.dev) | 73 points by pabloest on Feb 11, 2021 | 205 comments
Four levels of maturity that bridge the AppSec / engineering divide (r2c.dev) | 3 points by kiyanwang on Jan 24, 2021
Four levels of maturity that bridge the AppSec / engineering divide (r2c.dev) | 6 points by pabloest on Jan 8, 2021
When DevSecOps goes wrong: a short lesson from Huawei's source code (r2c.dev) | 53 points by DyslexicAtheist on Dec 19, 2020 | 22 comments
Exploiting dynamic rendering engines to take control of web apps (r2c.dev) | 9 points by pabloest on Nov 19, 2020
Fixing leaky logs: how to find a bug and ensure it never returns (r2c.dev) | 2 points by kiyanwang on Nov 15, 2020
Fixing leaky logs: how to find a bug and ensure it never returns (r2c.dev) | 6 points by pabloest on Nov 11, 2020
The future of AppSec and why I joined r2c (r2c.dev) | 3 points by mooreds on Oct 29, 2020
Introducing Semgrep and r2c (r2c.dev) | 115 points by pabloest on Oct 29, 2020 | 21 comments
Not all attacks are equal: understanding and preventing DoS in web applications (r2c.dev) | 46 points by ievans on Sept 11, 2020 | 13 comments
Type-Awareness in Semantic Grep (r2c.dev) | 3 points by ievans on Aug 5, 2020
Hardcoded secrets, unverified tokens, and other common JWT mistakes (r2c.dev) | 188 points by todsacerdoti on June 26, 2020 | 82 comments
DLint – regular expression DoS bug hunting (r2c.dev) | 1 point by enigmabridge on Feb 20, 2020