GitHub - dk900912/redis-keys-detector: The redis-keys-detector is a tool designed to scan and detect risks associated with the usage of Redis keys in a codebase. It generates detailed risk reports to help users identify potential issues. The tool supports scanning code in multiple programming languages and relies on Java 21.

背景

笔者目前工作于一公有云厂商，前期一款产品在线上使用了Redis中KEYS *高危指令，最终影响该款产品登录、连接功能异常，引发批量客诉。笔者所在班组由于职责所在需要全量排查所有内循环订购Redis的上层产品是否涉及此高危指令，但无奈30+款产品202个代码仓库的排查工作量巨大，于是就萌生了写一个工具的想法。

如何使用

预留了众多拓展点，请自行阅读源码！

KeysRiskDetector.builder()
        .input(xxx)
        .reporter(yyy)
        .scanners(zzz)
        .build()
        .detect();

Name		Name	Last commit message	Last commit date
Latest commit History 5 Commits
src		src
.gitignore		.gitignore
LICENSE		LICENSE
Readme.md		Readme.md
pom.xml		pom.xml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

背景

如何使用

About

Releases

Packages

Languages

License

dk900912/redis-keys-detector

Folders and files

Latest commit

History

Repository files navigation

背景

如何使用

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages