
@llm-dev-ops/llm-config-devtools
Advanced tools
Development and security scanning tools (Rust crate - use via cargo or build from source)
Enterprise-grade security scanning and development tools for the LLM Config Manager project.
Multiple output formats are supported (Markdown, SARIF and JSON).

Install the binaries from a checkout of the repository:

```shell
cargo install --path crates/llm-config-devtools
```

Or use the crate as a library by adding it to your Cargo.toml:

```toml
[dependencies]
llm-config-devtools = { path = "../llm-config-devtools" }
```
Security scanner (`llm-security-scan`):

```shell
# Run full security scan with markdown output
llm-security-scan --output report.md --format markdown

# Generate SARIF for GitHub Security tab
llm-security-scan --output results.sarif --format sarif

# Fail CI if high severity findings are found
llm-security-scan --fail-on-high

# Disable specific scans
llm-security-scan --no-secrets --no-sql
```

Dependency scanner (`llm-dependency-scan`):

```shell
# Check for vulnerable dependencies
llm-dependency-scan

# Check for outdated dependencies
llm-dependency-scan --check-outdated

# Check for unused dependencies
llm-dependency-scan --check-unused

# Save JSON report
llm-dependency-scan --output report.json
```
Library usage from Rust:

```rust
use llm_config_devtools::security::{SecurityScanner, ScanConfig};
use llm_config_devtools::report::{generate_report, OutputFormat};
use std::path::PathBuf;

fn main() -> Result<(), Box<dyn std::error::Error>> {
    // Configure scanner
    let config = ScanConfig {
        project_root: PathBuf::from("."),
        scan_clippy: true,
        scan_unsafe: true,
        scan_secrets: true,
        scan_sql: true,
        max_workers: None,
    };

    // Run scan
    let scanner = SecurityScanner::new(config);
    let report = scanner.scan()?;

    // Generate report
    let markdown = generate_report(&report, OutputFormat::Markdown)?;
    println!("{}", markdown);

    // Check for high severity findings
    if report.has_high_severity() {
        eprintln!("High severity findings detected!");
        std::process::exit(1);
    }

    Ok(())
}
```
GitHub Actions integration:

```yaml
name: Security Scan
on: [push, pull_request]
jobs:
  security:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - uses: actions-rs/toolchain@v1
        with:
          toolchain: stable
      - name: Run security scan
        run: |
          cargo run --bin llm-security-scan -- \
            --output results.sarif \
            --format sarif \
            --fail-on-high
      - name: Upload SARIF
        uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: results.sarif
```
JSON report format:

```json
{
  "timestamp": "2025-11-21T10:00:00Z",
  "project_root": ".",
  "findings": [
    {
      "severity": "high",
      "category": "unsafe_code",
      "title": "Unsafe code block detected",
      "message": "Found unsafe code block...",
      "file": "src/lib.rs",
      "line": 42
    }
  ],
  "summary": {
    "total": 1,
    "critical": 0,
    "high": 1,
    "medium": 0,
    "low": 0
  }
}
```
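As an added example (not code from the llm-config-devtools crate), here is a small CI gate that consumes a `report.json` in the shape shown above and fails the job on findings at or above a chosen severity, the way `--fail-on-high` does. It reads only the field names that appear in the report above (`findings`, `severity`, `file`, `line`, `title`, `summary`); the severity ordering, the summary cross-check and the sample report embedded below are assumptions made for the example, not documented behaviour of the scanner.

```python
"""CI gate for an llm-security-scan JSON report (added example, not crate code).

Assumes only the JSON shape documented above: a top-level "findings" list whose
entries carry "severity", "file", "line" and "title", plus a "summary" object
with per-severity counts. The sample report below is constructed for the example.
"""
import json
import sys
from collections import Counter

# Assumed severity order for the gate: anything at or above the threshold fails.
SEVERITY_RANK = {"low": 0, "medium": 1, "high": 2, "critical": 3}

# Constructed sample report in the documented shape (not real scanner output).
SAMPLE_REPORT = """{
  "timestamp": "2025-11-21T10:00:00Z",
  "project_root": ".",
  "findings": [
    {"severity": "high", "category": "unsafe_code",
     "title": "Unsafe code block detected",
     "message": "Found unsafe code block...", "file": "src/lib.rs", "line": 42},
    {"severity": "low", "category": "clippy",
     "title": "Example lint", "message": "...", "file": "src/main.rs", "line": 7}
  ],
  "summary": {"total": 2, "critical": 0, "high": 1, "medium": 0, "low": 1}
}"""

# Same report with a summary that no longer matches its findings (constructed).
TAMPERED_REPORT = SAMPLE_REPORT.replace('"high": 1', '"high": 0')


def parse_report(text):
    """Parse the report and validate the fields the gate relies on."""
    report = json.loads(text)
    findings = report.get("findings")
    if not isinstance(findings, list):
        raise ValueError("report has no 'findings' list")
    for f in findings:
        sev = f.get("severity")
        if sev not in SEVERITY_RANK:
            raise ValueError(f"unknown severity {sev!r} at {f.get('file')}:{f.get('line')}")
    return report


def recount(findings):
    """Recompute per-severity counts from the findings themselves."""
    counts = Counter(f["severity"] for f in findings)
    return {sev: counts.get(sev, 0) for sev in SEVERITY_RANK}


def summary_matches(report):
    """True if the embedded summary agrees with the findings list.

    The gate decides on the findings, not on the summary alone: a truncated or
    hand-edited report could carry a clean summary over real findings.
    """
    summary = report.get("summary", {})
    counts = recount(report["findings"])
    return (summary.get("total") == len(report["findings"])
            and all(summary.get(sev) == n for sev, n in counts.items()))


def findings_at_or_above(report, threshold="high"):
    """Return findings whose severity is >= threshold, worst first."""
    rank = SEVERITY_RANK[threshold]
    hits = [f for f in report["findings"] if SEVERITY_RANK[f["severity"]] >= rank]
    return sorted(hits, key=lambda f: -SEVERITY_RANK[f["severity"]])


def gate(text, threshold="high"):
    """Return (exit_code, lines): 0 when the gate passes, 1 when it fails."""
    report = parse_report(text)
    lines = []
    if not summary_matches(report):
        lines.append("warning: summary does not match findings; gating on findings")
    hits = findings_at_or_above(report, threshold)
    for f in hits:
        lines.append(f"{f['severity'].upper()} {f['file']}:{f['line']} {f['title']}")
    return (1 if hits else 0), lines


if __name__ == "__main__":
    # Usage: python gate.py report.json [threshold]; without a file it gates the sample.
    src = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_REPORT
    threshold = sys.argv[2] if len(sys.argv) > 2 else "high"
    code, out = gate(src, threshold)
    print("\n".join(out) or f"no findings at or above {threshold}")
    sys.exit(code)
```

Run it as `python gate.py report.json` after `llm-security-scan --output report.json`; the non-zero exit code is what makes the CI step fail. The script recomputes the counts from `findings` rather than trusting `summary`, so a report whose summary and findings disagree is still gated on its findings and a warning is printed.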
The SARIF format is recognized by GitHub and displayed in the repository's Security tab once uploaded.

The Markdown format is a human-readable report with severity indicators, code snippets, and recommendations.
Run the crate's tests:

```shell
cargo test --package llm-config-devtools
```

Run the scanners from a source checkout:

```shell
# Security scan
cargo run --bin llm-security-scan

# Dependency scan
cargo run --bin llm-dependency-scan
```
License: Apache-2.0
See CONTRIBUTING.md for details.