Open Source Project Update: Repository Scanner 2.0.0

Announcement

ABN AMRO
ABN AMRO Developer Blog
Sep 7, 2023

In August 2023 the new version 2.0.0 of Repository Scanner was published.

Repository Scanner is a fully open source, enterprise-grade application for secret detection. It offers easy deployment configuration through a Helm Wizard, full flexibility in rule pack configuration, and an intuitive front-end for triaging secrets and viewing secret detection KPIs.

OpenSSF Badge for Repository Scanner

ABN AMRO strives to achieve the Gold standard of OpenSSF, showcasing its dedication to open source and the hard work that goes into maintaining an open source project.

The OpenSSF (Open Source Security Foundation) is a cross-industry organization that brings together the industry’s most important open source security initiatives and the individuals and companies that support them. The OpenSSF Best Practices badge is a way for Free/Libre and Open Source Software (FLOSS) projects to show that they follow best practices. Some of these best practices revolve around contributing guidelines and licensing, while others have to do with automated testing and cryptographic best practices.

These best practices are reflected by the OpenSSF badge, which is proudly shared in the main Readme of the project.

New features in this release

Open sourcing an application is not so much a goal as it is a journey. With release 2.0.0 we celebrate the implementation of many open source best practices within the Repository Scanner project. The major version upgrade was done due to the introduction of a Redis cache to decrease data access latency and increase throughput.

ABN AMRO uses Repository Scanner internally to scan all source code for hard-coded secrets continuously. Any detected secret is triaged and all true positives are shared with the development teams through various means of communication like incidents and direct messages.

Some of the most significant new features that were introduced in version 2.0.0 are:

  • API endpoint caching using Redis.
  • Single Sign On support for various SSO providers.
  • Helm Chart (Helm Wizard) improvements for smooth and efficient deployments.
  • Dummy Data Generator for demos and PoCs.
  • Traceability on Rule pack updates.
  • Life cycle management on all dependencies.
  • Liveness and Readiness probes on all appropriate pods.
  • Optimized query performance.
  • Fixes on numerous security findings from various scanning tools.
  • Updates on GitHub Actions to include several new security scanning tools.

Contribute to the project

ABN AMRO welcomes new contributions from developers. The process for raising bugs or requirements is explained in the Repository Scanner GitHub repository.