SSW Code Auditor
SSW CodeAuditor is a code and link analysis tool that allows users to identify broken links or code, view the overall performance of your website, ensuring large, complex source code can be simplified, cleaned and maintained. With CodeAuditor, you can:
- View prior scan history - View previous scan results
- Export to CSV - Export scan result to CSV to perform further analysis (PowerBI)
- View Lighthouse report - See Lighthouse numbers within CodeAuditor
- Set Lighthouse threshold - E.g. If performance is less than 80 and SEO score is less than 100, fail the build
- Ignore broken links - Ignored URLs will not cause build to fail
- View code errors - View HTML code errors and code errors within CodeAuditor
Architecture Diagram
Figure: CodeAuditor Architecture Diagram
Usage
- Sign up for free at https://codeauditor.com and get your token
- Make sure Docker is installed and running on your local machine
- Use the token from step 1 and run the follow Docker command
docker run sswconsulting/codeauditor <YourToken> --url <URL>
CodeAuditor Workflow
Additionally, you can also use CodeAuditor Workflow on GitHub Marketplace and run it as part of your GitHub Action simply by following the steps from CodeAuditor Workflow
Make sure you specifying the following inputs:
| name | required | type | description |
|---|---|---|---|
| GitHub_Token | yes | string | Your repo default GitHub token i.e. using "\${{ github.token }}" |
| Make sure you grant the token permission to create issue | |||
| token | yes | string | Your personal CodeAuditor token that can be found on CodeAuditor's How It Works page |
| url | yes | string | The url used on your CodeAuditor scan |
| AlertIssue | no | boolean | Set to "true" if you want to switch on issue alert feature |
| GoMaxthread | no | number | Set the maximum number of threads for Golang web scraping (Default is 100) |
Example usage
name: Test CodeAuditor Workflow
jobs:
build:
runs-on: ubuntu-latest
permissions:
issues: write
steps:
- uses: actions/checkout@v3
- name: CodeAuditor Feedback Loop Workflow
uses: tombui99/codeauditor-github-workflow@v1.0.0
with:
# Your CodeAuditor token
token: \${{ secrets.CODEAUDITORTOKEN }}
# Your Scan URL
url: \${{ vars.SCANURL }}
# Your GitHub Token
GitHub_Token: \${{ github.token }}To start developing CodeAuditor:
We always welcome contributions. If you are interested in contributing, please take a look at our CONTRIBUTING guide
Table of Content
- General
- System Pre-reqs
- Required Tools
- Change flow
- Definition of Done
- Deployment
- Running the Project
- Testing your changes locally
- Adding your own custom HTML rule
Technologies used in CodeAuditor
Front End:
SvelteJs - Free and open-source JavaScript framework
Back End:
Firebase - CodeAuditor uses Firebase API, allowing developers to avoid managing servers or writing server-side code
Why Firebase?
- Easy to use and save a lot time because all the server operations and internal functions are taken care of by the Firebase interface
- Developers can spend more time developing the app
- The idea of firebase is to quickly validate your idea then you can simply migrate that to a proper "enterprise" set up
Tool:
Docker - Platform as a service (PaaS) product that uses OS-level virtualization to deliver software in packages
Getting help
- Leave comments on your PR and @ people for attention
- Bring it up with the team
- Edit the Wiki
- For help: email the Product Champion or ask on Teams