diff --git a/README.md b/README.md index 0fc922174..50f93e730 100644 --- a/README.md +++ b/README.md @@ -283,7 +283,7 @@ Also check out the sister project, [awesome-dynamic-analysis](https://github.com - [Gendarme](https://www.mono-project.com/docs/tools+libraries/tools/gendarme) — Gendarme inspects programs and libraries that contain code in ECMA CIL format (Mono and .NET). -- **Infer#** :warning: — InferSharp (also referred to as Infer#) is an interprocedural and scalable static code analyzer for C#. Via the capabilities of Facebook's Infer, this tool detects null pointer dereferences and resource leaks. +- [Infer#](https://github.com/microsoft/infersharp) — InferSharp (also referred to as Infer#) is an interprocedural and scalable static code analyzer for C#. Via the capabilities of Facebook's Infer, this tool detects null pointer dereferences and resource leaks. - [Meziantou.Analyzer](https://github.com/meziantou/Meziantou.Analyzer) — A Roslyn analyzer to enforce some good practices in C# in terms of design, usage, security, performance, and style. @@ -1329,7 +1329,7 @@ TSLint is an extensible static analysis tool that checks TypeScript code for rea

Verilog/SystemVerilog

-- [Icarus Verilog](https://github.com/steveicarus/iverilog) — A Verilog simulation and synthesis tool that operates by compiling source code written in IEEE-1364 Verilog into some target format +- **Icarus Verilog** :warning: — A Verilog simulation and synthesis tool that operates by compiling source code written in IEEE-1364 Verilog into some target format - [svls](https://github.com/dalance/svls) — A Language Server Protocol implementation for Verilog and SystemVerilog, including lint capabilities. @@ -1509,7 +1509,7 @@ It supports multiple languages and is designed to be extensible, allowing you to - [lizard](https://github.com/terryyin/lizard) — Lizard is an extensible Cyclomatic Complexity Analyzer for many programming languages including C/C++ (doesn't require all the header files or Java imports). It also does copy-paste detection (code clone detection/code duplicate detection) and many other forms of static code analysis. Counts lines of code without comments, CCN (cyclomatic complexity number), token count of functions, parameter count of functions. -- [Mega-Linter](https://nvuillam.github.io/mega-linter/) — Mega-Linter can handle any type of project thanks to its 70+ embedded Linters, +- [Mega-Linter](https://megalinter.io/) — Mega-Linter can handle any type of project thanks to its 70+ embedded Linters, its advanced reporting, runnable on any CI system or locally, with assisted installation and configuration, able to apply formatting and fixes 
@@ -1611,7 +1611,7 @@ It supports multiple languages and is designed to be extensible, allowing you to - [Teamscale](https://www.cqse.eu/en/teamscale/overview/) :copyright: — Static and dynamic analysis tool supporting more than 25 languages and direct IDE integration. Free hosting for Open Source projects available on request. Free academic licenses available. -- [TencentCodeAnalysis](https://tca.tencent.com/) — Tencent Cloud Code Analysis (TCA for short, code-named CodeDog inside the company early) is a comprehensive platform for code analysis and issue tracking. TCA consist of three components, server, web and client. It integrates of a number of self-developed tools, and also supports dynamic integration of code analysis tools in various programming languages. +- **TencentCodeAnalysis** :warning: — Tencent Cloud Code Analysis (TCA for short, code-named CodeDog inside the company early) is a comprehensive platform for code analysis and issue tracking. TCA consist of three components, server, web and client. It integrates of a number of self-developed tools, and also supports dynamic integration of code analysis tools in various programming languages. - [ThreatMapper](https://github.com/deepfence/ThreatMapper) — Vulnerability Scanner and Risk Evaluation for containers, serverless and hosts at runtime. ThreatMapper generates runtime BOMs from dependencies and operating system packages, matches against multiple threat feeds, scans for unprotected secrets, and scores issues based on severity and risk-of-exploit. 
@@ -1705,7 +1705,7 @@ Loading address: binbloom can parse a raw binary firmware and determine its load - [Ghidra](https://ghidra-sre.org) — A software reverse engineering (SRE) suite of tools developed by NSA's Research Directorate in support of the Cybersecurity mission -- [Hopper](https://www.hopperapp.com/) :copyright: — macOS and Linux reverse engineering tool that lets you disassemble, decompile and debug applications. Hopper displays the code using different representations, e.g. the Control Flow Graph, and the pseudo-code of a procedure. Supports Apple Silicon. +- **Hopper** :warning: :copyright: — macOS and Linux reverse engineering tool that lets you disassemble, decompile and debug applications. Hopper displays the code using different representations, e.g. the Control Flow Graph, and the pseudo-code of a procedure. Supports Apple Silicon. - [IDA Free](https://www.hex-rays.com/products/ida/support/download_freeware) :copyright: — Binary code analysis tool. @@ -1882,7 +1882,7 @@ Its technology helps developers automate testing, find bugs, and reduce manual l - [Goblint](https://goblint.in.tum.de) — A static analyzer for the analysis of multi-threaded C programs. Its primary focus is the detection of data races, but it also reports other runtime errors, such as buffer overflows and null-pointer dereferences. -- [PullRequest](https://www.pullrequest.com) :copyright: — Code review as a service with built-in static analysis. Increase velocity and reduce technical debt through quality code review by expert engineers backed by best-in-class automation. +- [PullRequest](https://www.hackerone.com/product/code) :copyright: — Code review as a service with built-in static analysis. Increase velocity and reduce technical debt through quality code review by expert engineers backed by best-in-class automation. - **quality** :warning: — Runs quality checks on your code using community tools, and makes sure your numbers don't get any worse over time. 
@@ -2017,7 +2017,7 @@ but with the following improvements:

LaTeX

-- [ChkTeX](http://www.nongnu.org/chktex) — A linter for LaTex which catches some typographic errors LaTeX oversees. +- **ChkTeX** :warning: — A linter for LaTex which catches some typographic errors LaTeX oversees. - [lacheck](https://www.ctan.org/pkg/lacheck) — A tool for finding common mistakes in LaTeX documents. @@ -2201,7 +2201,7 @@ It does this by running periodic diff outputs against heuristically crafted rege - [gokart](https://github.com/praetorian-inc/gokart) — Golang security analysis with a focus on minimizing false positives. It is capable of tracing the source of variables and function arguments to determine whether input sources are safe. -- [HasMySecretLeaked](https://gitguardian.com/hasmysecretleaked) :copyright: — HasMySecretLeaked is a project from GitGuardian that aims to help individual users and organizations search across 20 million exposed secrets to verify if their developer secrets have leaked on public repositories, gists, and issues on GitHub projects. +- **HasMySecretLeaked** :warning: :copyright: — HasMySecretLeaked is a project from GitGuardian that aims to help individual users and organizations search across 20 million exposed secrets to verify if their developer secrets have leaked on public repositories, gists, and issues on GitHub projects. - **iblessing** :warning: — iblessing is an iOS security exploiting toolkit. It can be used for reverse engineering, binary analysis and vulnerability mining. 
@@ -2364,7 +2364,7 @@ TruffleHog is an open source secret-scanning engine that resolves exposed secret - [GitGuardian ggshield](https://www.gitguardian.com/ggshield) — ggshield is a CLI application that runs in your local environment or in a CI environment to help you detect more than 350+ types of secrets, as well as other potential security vulnerabilities or policy breaks affecting your codebase. -- [HasMySecretLeaked](https://gitguardian.com/hasmysecretleaked) :copyright: — HasMySecretLeaked is a project from GitGuardian that aims to help individual users and organizations search across 20 million exposed secrets to verify if their developer secrets have leaked on public repositories, gists, and issues on GitHub projects. +- **HasMySecretLeaked** :warning: :copyright: — HasMySecretLeaked is a project from GitGuardian that aims to help individual users and organizations search across 20 million exposed secrets to verify if their developer secrets have leaked on public repositories, gists, and issues on GitHub projects. ## More Collections diff --git a/data/api/tools.json b/data/api/tools.json index 0e25b13da..a356ed466 100644 --- a/data/api/tools.json +++ b/data/api/tools.json @@ -1188,7 +1188,7 @@ ], "homepage": "https://github.com/tcosolutions/betterscan-ce", "source": "https://github.com/tcosolutions/betterscan-ce", - "pricing": "https://betterscan.io/pricing", + "pricing": null, "plans": { "free": false, "oss": true @@ -1579,7 +1579,7 @@ "types": [ "cli" ], - "homepage": "https://www.bugprove.com", + "homepage": "https://bugprove.com", "source": null, "pricing": null, "plans": { @@ -2453,7 +2453,7 @@ "plans": null, "description": "A linter for LaTex which catches some typographic errors LaTeX oversees.", "discussion": null, - "deprecated": null, + "deprecated": true, "resources": null, "reviews": null, "demos": null, 
@@ -5989,12 +5989,7 @@ "description": "Dodgy is a very basic tool to run against your codebase to search for \"dodgy\" looking values. It is a series of simple regular expressions designed to detect things such as accidental SCM diff checkins, or passwords or secret keys hard coded into files.", "discussion": null, "deprecated": null, - "resources": [ - { - "title": "Python linters for better code quality", - "url": "https://smirnov-am.github.io/python-linters-for-better-code-quality/" - } - ], + "resources": null, "reviews": null, "demos": null, "wrapper": null @@ -9041,7 +9036,7 @@ "plans": null, "description": "HasMySecretLeaked is a project from GitGuardian that aims to help individual users and organizations search across 20 million exposed secrets to verify if their developer secrets have leaked on public repositories, gists, and issues on GitHub projects.", "discussion": null, - "deprecated": null, + "deprecated": true, "resources": null, "reviews": null, "demos": null, @@ -9603,7 +9598,7 @@ "plans": null, "description": "A Verilog simulation and synthesis tool that operates by compiling source code written in IEEE-1364 Verilog into some target format", "discussion": null, - "deprecated": null, + "deprecated": true, "resources": null, "reviews": null, "demos": null, @@ -11728,7 +11723,7 @@ "plans": null, "description": "Format markdown code blocks using your favorite code formatters.", "discussion": null, - "deprecated": null, + "deprecated": false, "resources": null, "reviews": null, "demos": null, @@ -11803,7 +11798,7 @@ "types": [ "cli" ], - "homepage": "https://nvuillam.github.io/mega-linter/", + "homepage": "https://megalinter.io/", "source": "https://github.com/nvuillam/mega-linter", "pricing": null, "plans": null, 
@@ -11814,22 +11809,6 @@ { "title": "Hands on - Improving code standards with mega linter", "url": "https://www.youtube.com/watch?v=3xgTU1GhRvs" - }, - { - "title": "How Mega-linter works", - "url": "https://nvuillam.github.io/mega-linter/frequently-asked-questions/" - }, - { - "title": "List of Mega-Linter supported languages, formats and tooling formats", - "url": "https://nvuillam.github.io/mega-linter/supported-linters/" - }, - { - "title": "Assisted installation guide", - "url": "https://nvuillam.github.io/mega-linter/installation/" - }, - { - "title": "Assisted configuration guide", - "url": "https://nvuillam.github.io/mega-linter/configuration/" } ], "reviews": null, @@ -12806,7 +12785,7 @@ ], "homepage": "https://oversecured.com", "source": null, - "pricing": "https://oversecured.com/pricing", + "pricing": null, "plans": null, "description": "Enterprise vulnerability scanner for Android and iOS apps. It allows app owners and developers to secure each new version of a mobile app by integrating Oversecured into the development process.", "discussion": null, @@ -15053,9 +15032,9 @@ "types": [ "service" ], - "homepage": "https://www.pullrequest.com", + "homepage": "https://www.hackerone.com/product/code", "source": null, - "pricing": "https://www.pullrequest.com/pricing", + "pricing": null, "plans": null, "description": "Code review as a service with built-in static analysis. Increase velocity and reduce technical debt through quality code review by expert engineers backed by best-in-class automation.", "discussion": null, 
@@ -19726,7 +19705,7 @@ "plans": null, "description": "Tencent Cloud Code Analysis (TCA for short, code-named CodeDog inside the company early) is a comprehensive platform for code analysis and issue tracking. TCA consist of three components, server, web and client. It integrates of a number of self-developed tools, and also supports dynamic integration of code analysis tools in various programming languages.", "discussion": null, - "deprecated": null, + "deprecated": true, "resources": null, "reviews": null, "demos": null, diff --git a/data/tools/betterscan.yml b/data/tools/betterscan.yml index 38987c827..05ab376bf 100644 --- a/data/tools/betterscan.yml +++ b/data/tools/betterscan.yml @@ -30,5 +30,4 @@ homepage: "https://github.com/tcosolutions/betterscan-ce" plans: oss: true free: false -pricing: https://betterscan.io/pricing description: Checks your code and infra (various Git repositories supported, cloud stacks, CLI, Web Interface platform, integrationss available) for security and quality issues. Code Scanning/SAST/Linting using many tools/Scanners deduplicated with One Report (AI optional). diff --git a/data/tools/bugprove.yml b/data/tools/bugprove.yml index 33680b2f4..dc1a4e8cd 100644 --- a/data/tools/bugprove.yml +++ b/data/tools/bugprove.yml @@ -13,7 +13,7 @@ types: plans: free: true deprecated: true -homepage: "https://www.bugprove.com" +homepage: "https://bugprove.com" description: >- BugProve is a firmware analysis platform featuring both static and dynamic analysis techniques to discover memory corruptions, command injections and other classes or diff --git a/data/tools/chktex.yml b/data/tools/chktex.yml index d0aaf940c..374b0cb44 100644 --- a/data/tools/chktex.yml +++ b/data/tools/chktex.yml 
@@ -7,5 +7,6 @@ license: GNU Public License version 2 or greater types: - cli source: 'http://git.savannah.nongnu.org/cgit/chktex.git' +deprecated: true homepage: 'http://www.nongnu.org/chktex' description: A linter for LaTex which catches some typographic errors LaTeX oversees. diff --git a/data/tools/dodgy.yml b/data/tools/dodgy.yml index 74b55c1e8..a338f43c8 100644 --- a/data/tools/dodgy.yml +++ b/data/tools/dodgy.yml @@ -9,6 +9,3 @@ types: source: "https://github.com/landscapeio/dodgy" homepage: "https://github.com/landscapeio/dodgy" description: Dodgy is a very basic tool to run against your codebase to search for "dodgy" looking values. It is a series of simple regular expressions designed to detect things such as accidental SCM diff checkins, or passwords or secret keys hard coded into files. -resources: - - title: "Python linters for better code quality" - url: https://smirnov-am.github.io/python-linters-for-better-code-quality/ diff --git a/data/tools/iverilog.yml b/data/tools/iverilog.yml index 3406b8479..c788ac1bb 100644 --- a/data/tools/iverilog.yml +++ b/data/tools/iverilog.yml @@ -6,6 +6,7 @@ tags: license: GNU General Public License v2.0 types: - cli +deprecated: true source: 'http://iverilog.icarus.com/' homepage: 'https://github.com/steveicarus/iverilog' description: >- diff --git a/data/tools/mega-linter.yml b/data/tools/mega-linter.yml index 41401685e..1865f9647 100644 --- a/data/tools/mega-linter.yml +++ b/data/tools/mega-linter.yml @@ -60,7 +60,7 @@ license: MIT License types: - cli source: "https://github.com/nvuillam/mega-linter" -homepage: "https://nvuillam.github.io/mega-linter/" +homepage: "https://megalinter.io/" description: >- Mega-Linter can handle any type of project thanks to its 70+ embedded Linters, its advanced reporting, runnable on any CI system or locally, 
@@ -68,11 +68,3 @@ description: >- resources: - title: Hands on - Improving code standards with mega linter url: https://www.youtube.com/watch?v=3xgTU1GhRvs - - title: How Mega-linter works - url: https://nvuillam.github.io/mega-linter/frequently-asked-questions/ - - title: List of Mega-Linter supported languages, formats and tooling formats - url: https://nvuillam.github.io/mega-linter/supported-linters/ - - title: Assisted installation guide - url: https://nvuillam.github.io/mega-linter/installation/ - - title: Assisted configuration guide - url: https://nvuillam.github.io/mega-linter/configuration/ diff --git a/data/tools/oversecured.yml b/data/tools/oversecured.yml index bd2f60d8f..85952825d 100644 --- a/data/tools/oversecured.yml +++ b/data/tools/oversecured.yml @@ -12,4 +12,3 @@ description: >- Enterprise vulnerability scanner for Android and iOS apps. It allows app owners and developers to secure each new version of a mobile app by integrating Oversecured into the development process. -pricing: https://oversecured.com/pricing diff --git a/data/tools/pullrequest.yml b/data/tools/pullrequest.yml index 0074ce84a..9dcebd39e 100644 --- a/data/tools/pullrequest.yml +++ b/data/tools/pullrequest.yml @@ -6,9 +6,8 @@ tags: license: proprietary types: - service -homepage: https://www.pullrequest.com +homepage: https://www.hackerone.com/product/code description: >- Code review as a service with built-in static analysis. Increase velocity and reduce technical debt through quality code review by expert engineers backed by best-in-class automation. -pricing: https://www.pullrequest.com/pricing diff --git a/data/tools/tca.yml b/data/tools/tca.yml index 68051b65e..bd8e69c13 100644 --- a/data/tools/tca.yml +++ b/data/tools/tca.yml 
@@ -22,6 +22,7 @@ types: - service - cli source: 'https://github.com/Tencent/CodeAnalysis' +deprecated: true homepage: 'https://tca.tencent.com/' description: >- Tencent Cloud Code Analysis (TCA for short, code-named CodeDog inside the company early) is a comprehensive platform for code analysis and issue tracking. TCA consist of three components, server, web and client. It integrates of a number of self-developed tools, and also supports dynamic integration of code analysis tools in various programming languages.
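Review bot: Several status changes in README.md and data/api/tools.json have no matching change under data/tools/ in this patch: the README hunks at -1705 (Hopper) and at -2201 and -2364 (HasMySecretLeaked) turn linked entries into `:warning:` entries, the hunk at -283 restores the link for Infer#, and tools.json flips `"deprecated"` for HasMySecretLeaked (to `true`) and for the markdown code block formatter (to `false`). If these two files are rendered from data/tools/*.yml, the source of those flags is not visible to a reviewer and the result cannot be reproduced from the YAML alone. Either set `deprecated` explicitly in the corresponding YAML files, or state in the commit message which automated check produced the status so that it can be re-run and audited.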
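Review bot: In data/tools/iverilog.yml, `deprecated: true` is added directly above `source: 'http://iverilog.icarus.com/'` and `homepage: 'https://github.com/steveicarus/iverilog'`, and the two values look swapped: the repository is listed as the homepage and the project website as the source. If the deprecation was triggered by a reachability or repository check run against the `source` field, correct the two URLs first and re-evaluate, since a misfiled link is a data error and not evidence that the tool is unmaintained. The README hunk at -1329 also drops the only link to the tool, so a wrong flag here removes a working entry from the list.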
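Review bot: In data/tools/chktex.yml, `deprecated: true` is added with no reason recorded, while `source` and `homepage` stay on plain `http://` URLs. If the flag comes from a failed link check on those URLs, try the `https://` forms before deprecating, and keep the flag only when the project itself is no longer maintained. A one-line note in the commit message on the basis for the flag would make this hunk, and the matching `"deprecated": true` in tools.json at -2453, reviewable.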
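Review bot: In data/tools/mega-linter.yml, the hunk at -68 deletes four `resources` entries that all sit under `https://nvuillam.github.io/mega-linter/`, the same base URL that the previous hunk moves to `https://megalinter.io/` for `homepage`. Check whether the FAQ, supported-linters, installation and configuration pages exist under the new domain and repoint them instead of dropping them; removing them leaves the entry with a single video link. Since this list sends readers to an external domain, also confirm that `https://megalinter.io/` is the site referenced by the repository in `source` before merging.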
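Review bot: In data/tools/pullrequest.yml, `homepage` now points to `https://www.hackerone.com/product/code`, but the entry name and `description` are unchanged and `pricing` is removed without replacement. A reader following a link labelled PullRequest lands on a different vendor's domain with no explanation, which is the pattern a reviewer of a curated link list should question. Confirm the move from the old site (for example, that `https://www.pullrequest.com` redirects there), and update the description to name the current product owner so the link target matches what the entry says.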