SafeDev

A developer-first security platform that helps you find and fix security issues before they ship. SafeDev scans GitHub repositories for secrets, validates JWTs, and delivers actionable security insights—all in minutes.

Features

🔍 GitHub Scanner

Detect hardcoded secrets, API keys, and risky patterns across your repositories with real-time streaming results.

  • Secret Detection: Finds common secret formats (API keys, tokens, credentials, private keys)
  • Real-time Scanning: Stream results as files are analyzed
  • Context-Aware Findings: Get file/line pointers with clear explanations
  • Remediation Guidance: Actionable steps to fix detected issues

🔑 JWT Inspector

Decode, validate, and analyze JWTs for expiry issues, weak algorithms, and claim vulnerabilities.

  • Instant Decoding: Parse header, payload, and signature details
  • Security Validation: Check expiry, algorithm strength, and claim configurations
  • Risk Highlighting: Flag weak/unsafe token patterns
  • Best Practice Guidance: Get recommendations for secure JWT handling
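The checks listed above, as an added TypeScript example (not SafeDev's own JWT Inspector code): it decodes header and payload, flags unsigned or shared-secret algorithms, expiry and missing claims, and builds a constructed HS256 token locally so it runs offline. The finding messages and the makeSampleToken helper are assumptions of this example.

```typescript
// Added example, not SafeDev's own code: decode a JWT and report the risks the
// Inspector checks for. It does NOT verify the signature; treat output as triage only.
import { createHmac } from "node:crypto";

interface JwtReport {
  header: Record<string, unknown>;
  payload: Record<string, unknown>;
  findings: string[];
}

// JWT segments are base64url without padding; Node's base64 decoder accepts both alphabets.
function decodeSegment(seg: string): Record<string, unknown> {
  return JSON.parse(Buffer.from(seg, "base64").toString("utf8"));
}

// Inspect `token` as of `nowSec` (unix seconds, defaults to the current time).
function inspectJwt(token: string, nowSec = Math.floor(Date.now() / 1000)): JwtReport {
  const parts = token.split(".");
  if (parts.length !== 3) throw new Error("expected a compact JWS with 3 segments");
  const header = decodeSegment(parts[0]);
  const payload = decodeSegment(parts[1]);
  const findings: string[] = [];
  const alg = typeof header.alg === "string" ? header.alg : "";
  if (alg === "" || alg.toLowerCase() === "none") findings.push("alg none/missing: token is unsigned");
  else if (/^HS(256|384|512)$/.test(alg))
    findings.push(`${alg}: shared-secret HMAC; verifier must pin this alg and use a long random secret`);
  if (parts[2] === "") findings.push("empty signature segment");
  const exp = payload.exp, nbf = payload.nbf;
  if (typeof exp !== "number") findings.push("no exp claim: token never expires");
  else if (exp <= nowSec) findings.push(`expired at ${exp} (now ${nowSec})`);
  if (typeof nbf === "number" && nbf > nowSec) findings.push("nbf in the future: not yet valid");
  if (payload.aud === undefined) findings.push("no aud claim: token is not bound to an audience");
  return { header, payload, findings };
}

// Constructed sample-token builder (HS256) so the example runs offline; not a production signer.
function makeSampleToken(claims: object, secret: string, alg = "HS256"): string {
  const toB64url = (s: string) => s.replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
  const seg = (o: object) => toB64url(Buffer.from(JSON.stringify(o)).toString("base64"));
  const signingInput = `${seg({ alg, typ: "JWT" })}.${seg(claims)}`;
  const sig = toB64url(createHmac("sha256", secret).update(signingInput).digest("base64"));
  return `${signingInput}.${sig}`;
}
```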

🛡️ Security Advisor

Get a clear security score with prioritized remediation steps tailored to your codebase.

  • Unified Security Score: 0-100 score with breakdown by category
  • Prioritized Fixes: Ranked by impact and exploitability
  • Actionable Plans: Checklist-style remediation steps
  • Progress Tracking: Rescan and compare improvements over time

Tech Stack

  • Framework: Next.js 15 with App Router
  • Language: TypeScript
  • Styling: Tailwind CSS
  • Animations: Framer Motion
  • Authentication: NextAuth.js with GitHub OAuth
  • AI Analysis: OpenAI GPT-4o
  • Deployment: Vercel

Project Structure

safedev/
├── app/                      # Next.js app directory
│   ├── about/               # About page
│   ├── api/                 # API routes
│   │   ├── ai-summary/      # AI-powered security analysis
│   │   ├── auth/            # NextAuth configuration
│   │   └── github/          # GitHub scanning endpoints
│   ├── features/[slug]/     # Individual feature pages
│   ├── github/              # GitHub scanner page
│   └── page.tsx             # Homepage
├── components/              # React components
│   ├── AISecurityModal.tsx  # AI analysis modal
│   ├── GitHubRepoCard.tsx   # Repository card component
│   ├── GithubIcon.tsx       # GitHub icon
│   ├── Hero.tsx             # Hero section
│   └── ...
├── lib/                     # Utility functions
│   ├── scanner.ts           # Repository scanning logic
│   └── types.ts             # TypeScript type definitions
└── public/                  # Static assets

Getting Started

Prerequisites

  • Node.js 18+
  • npm, yarn, pnpm, or bun
  • GitHub account for OAuth
  • OpenAI API key (for AI analysis feature)

Installation

  1. Clone the repository:

     git clone https://github.com/yourusername/SafeDev.git
     cd SafeDev/safedev

  2. Install dependencies:

     npm install
     # or
     yarn install
     # or
     pnpm install

  3. Set up environment variables:

     Create a .env file in the safedev directory:

     # NextAuth
     NEXTAUTH_URL=http://localhost:3000
     NEXTAUTH_SECRET=your-secret-here

     # GitHub OAuth
     GITHUB_ID=your-github-oauth-app-id
     GITHUB_SECRET=your-github-oauth-app-secret

     # OpenAI (for AI analysis)
     OPENAI_API_KEY=your-openai-api-key

  4. Run the development server:

     npm run dev
     # or
     yarn dev
     # or
     pnpm dev

  5. Open http://localhost:3000 in your browser.

Setting up GitHub OAuth

  1. Go to GitHub Settings → Developer settings → OAuth Apps
  2. Create a new OAuth App with:
    • Homepage URL: http://localhost:3000
    • Authorization callback URL: http://localhost:3000/api/auth/callback/github
  3. Copy the Client ID and Client Secret to your .env file

Key Features Explained

Scanner Logic

The GitHub scanner (lib/scanner.ts) recursively walks through repository contents and:

  • Detects hardcoded secrets using pattern matching
  • Identifies risky configurations (e.g., privileged Docker containers)
  • Scans for exposed .env files and credentials
  • Provides real-time status updates via callbacks
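The scanner behaviour described above, as an added TypeScript example (not SafeDev's lib/scanner.ts): a per-line rule matcher over in-memory repository contents that returns file/line pointers for hardcoded secrets, privileged Docker settings and committed .env files, and reports progress through a status callback. The rule set, the Finding shape and the sample repository are constructed for this example.

```typescript
// Added example, not SafeDev's own scanner: pattern-based secret/config scanning
// over a map of path -> file contents, with a status callback per file.
interface Finding { file: string; line: number; rule: string; message: string }
interface Rule { name: string; pattern: RegExp; message: string }

// Constructed rule set for this example; a real scanner carries many more patterns.
const RULES: Rule[] = [
  { name: "aws-access-key", pattern: /\bAKIA[0-9A-Z]{16}\b/, message: "AWS access key ID" },
  { name: "github-token", pattern: /\bghp_[A-Za-z0-9]{36}\b/, message: "GitHub personal access token" },
  { name: "private-key", pattern: /-----BEGIN (RSA |EC |OPENSSH )?PRIVATE KEY-----/, message: "private key material" },
  { name: "generic-secret", pattern: /(?:password|secret|api[_-]?key)\s*[:=]\s*["'][^"']{8,}["']/i,
    message: "hardcoded credential assignment" },
  { name: "docker-privileged", pattern: /^\s*privileged:\s*true\b/, message: "privileged container in compose file" },
];

// Scan every file; `onStatus` receives one message per file plus a final summary.
function scanFiles(files: Record<string, string>, onStatus?: (msg: string) => void): Finding[] {
  const findings: Finding[] = [];
  for (const [file, content] of Object.entries(files)) {
    onStatus?.(`scanning ${file}`);
    const base = file.split("/").pop() ?? file;
    if (base === ".env" || base.startsWith(".env.")) // env files should never be committed
      findings.push({ file, line: 0, rule: "env-file", message: "environment file committed to repo" });
    content.split("\n").forEach((text, i) => {
      for (const r of RULES)
        if (r.pattern.test(text)) findings.push({ file, line: i + 1, rule: r.name, message: r.message });
    });
  }
  onStatus?.(`done: ${findings.length} finding(s)`);
  return findings;
}

// Constructed sample repository; the key values are fake placeholders.
const SAMPLE_REPO: Record<string, string> = {
  "src/config.ts": 'const apiKey = "sk-example-not-real-1234567890";\nexport default apiKey;',
  "deploy/credentials": "[default]\naws_access_key_id = AKIAEXAMPLEKEY000001\n",
  "docker-compose.yml": "services:\n  app:\n    image: app\n    privileged: true\n",
  ".env": "DATABASE_URL=postgres://user:pass@localhost/db\n",
  "README.md": "# demo\nNo secrets here.\n",
};
```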

AI Analysis

The AI summary endpoint (app/api/ai-summary/route.ts):

  • Collects repository contents (up to 50 files)
  • Sends code to OpenAI GPT-4o for analysis
  • Returns security score, risks, quick wins, and recommendations

Authentication

NextAuth.js is configured to use GitHub OAuth, allowing users to:

  • Sign in with their GitHub account
  • Access private repositories (with proper scopes)
  • Scan repositories they have access to

Building for Production

npm run build
npm start

Deployment

The easiest way to deploy SafeDev is using Vercel:

  1. Push your code to GitHub
  2. Import the project in Vercel
  3. Add environment variables in Vercel dashboard
  4. Deploy


Contributing

SafeDev is open source! Contributions are welcome:

  1. Fork the repository
  2. Create a feature branch (git checkout -b feature/amazing-feature)
  3. Commit your changes (git commit -m 'Add amazing feature')
  4. Push to the branch (git push origin feature/amazing-feature)
  5. Open a Pull Request

License

This project is open source and available under the MIT License.

Acknowledgments


SafeDev - Security that helps you ship faster, not get in your way.
