Releases: IamXeoth/aware

v1.0.0 - MVP Complete

19 Dec 23:55

🧠 AWARE v1.0.0 - MVP Complete

First stable release of AWARE - Cognitive Awareness for Developers.

A security awareness tool that prevents dangerous technical decisions before they happen.


✨ Features

🔍 Core Capabilities

  • 25 Security Rules - Production-ready ruleset covering 8 risk categories
  • Full CLI - 7 commands with beautiful Typer + Rich interface
  • Git Hooks - Automated pre-commit and pre-push scanning
  • Shell Wrapper - Real-time command interception and analysis
  • 5 Output Formats - Console, Compact, JSON, SARIF, GitHub Annotations
  • Graduated Confirmations - Smart warn/confirm/block system
  • Privacy-First - 100% offline, zero telemetry, zero data collection

📋 Rule Categories

  • 🔑 SECRETS_EXPOSED (6 rules) - API keys, credentials, AWS keys, private keys
  • 🔓 TLS_DISABLED (3 rules) - SSL/TLS verification bypasses
  • 🐛 DEBUG_IN_PRODUCTION (2 rules) - Debug mode, sensitive logging
  • 🌐 CORS_MISCONFIGURATION (2 rules) - Wildcard origins, credentials exposure
  • 🔐 AUTH_WEAKNESS (3 rules) - Weak secrets, hardcoded passwords, JWT issues
  • 💣 DESTRUCTIVE_COMMAND (5 rules) - rm -rf, force push, database drops
  • ☁️ INFRASTRUCTURE_RISK (2 rules) - Privileged containers
  • 📦 DEPENDENCY_RISK (2 rules) - Unsafe package installations

🎯 CLI Commands

aware --version               # Show version
aware scan --staged           # Scan staged files (pre-commit)
aware scan --diff main...HEAD # Scan diff (pre-push)
aware wrap <command>          # Intercept dangerous commands
aware install                 # Install git hooks
aware uninstall               # Remove git hooks
aware status                  # Check hooks status
aware rules list              # List all rules
aware rules explain <ID>      # Explain specific rule
aware rules validate <file>   # Validate custom rules

🚀 Quick Start

# Clone repository
git clone https://github.com/IamXeoth/aware.git
cd aware

# Create virtual environment
python -m venv venv
source venv/bin/activate  # Windows: .\venv\Scripts\activate

# Install dependencies
pip install -e ".[dev]"

# Test it
python cli.py --version
python cli.py rules list

# Install git hooks in your project
cd /path/to/your/project
python /path/to/aware/cli.py install

📊 Project Stats

  • Lines of Code: ~3,500
  • Total Rules: 25
  • CLI Commands: 7
  • Output Formatters: 5
  • Git Hooks: 2 (pre-commit, pre-push)
  • Python Version: 3.9+

🛠️ Tech Stack

  • CLI Framework: Typer
  • Terminal UI: Rich
  • Configuration: PyYAML
  • Testing: pytest (planned)
  • Build: Hatchling

📖 Example Usage

Scan Staged Files

python cli.py scan --staged

Intercept Dangerous Command

python cli.py wrap rm -rf /tmp/important
# ⚠️  AWARE will ask for confirmation before executing
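
An added illustration, not AWARE's own code, of how a command wrapper can map a command line to a graduated warn/confirm/block decision. The checks, severities and function names are hypothetical; only the category names come from the rule list above.

```python
import shlex

# Hypothetical checks: AWARE's real rule IDs and patterns are not on this page.
LEVELS = ["allow", "warn", "confirm", "block"]

def short_flags(args):
    """Single-letter flags as a set, so -rf, -fr and -r -f look the same."""
    return {c for a in args if a[:1] == "-" and a[:2] != "--" for c in a[1:]}

def check_rm(args):
    flags = short_flags(args)
    recursive = bool(flags & {"r", "R"}) or "--recursive" in args
    if not (recursive and ("f" in flags or "--force" in args)):
        return None
    targets = [a for a in args if not a.startswith("-")]
    # A filesystem root or home directory as target is refused outright.
    root = any(t.rstrip("/") in ("", "~") or t == "/*" for t in targets)
    return "DESTRUCTIVE_COMMAND", ("block" if root else "confirm")

def check_git(args):
    if args[:1] != ["push"]:
        return None
    if "--force" in args or "f" in short_flags(args):
        return "DESTRUCTIVE_COMMAND", "confirm"
    lease = any(a.startswith("--force-with-lease") for a in args)
    return ("DESTRUCTIVE_COMMAND", "warn") if lease else None

def check_curl(args):
    insecure = "--insecure" in args or "k" in short_flags(args)
    return ("TLS_DISABLED", "warn") if insecure else None

CHECKS = {"rm": check_rm, "git": check_git, "curl": check_curl}

def assess(command):
    """Return (action, sorted categories) for one shell command line."""
    lexer = shlex.shlex(command, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True  # with the above: && ; | become own tokens
    action, categories, current = "allow", set(), []
    for token in list(lexer) + [";"]:  # trailing ";" flushes the last command
        if token and set(token) <= set(";&|()"):
            argv = current[1:] if current[:1] == ["sudo"] else current
            check = CHECKS.get(argv[0]) if argv else None
            hit = check(argv[1:]) if check else None
            if hit:
                categories.add(hit[0])
                action = max(action, hit[1], key=LEVELS.index)
            current = []
        else:
            current.append(token)
    return action, sorted(categories)
```

Each sub-command of a chained line is checked separately and the strictest result wins, so a destructive command placed after `&&` or `;` is still caught.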

Install Git Hooks

python cli.py install
# ✅ pre-commit: Hook instalado com sucesso
# ✅ pre-push: Hook instalado com sucesso

Export JSON Report

python cli.py scan --staged --format json --output report.json

🎯 Use Cases

  • Pre-commit validation - Block commits with secrets or dangerous patterns
  • CI/CD integration - JSON/SARIF output for automated pipelines
  • Command safety - Prevent accidental rm -rf or force pushes
  • Security training - Learn about security risks with detailed explanations
  • Code review - Automated security checks before PR merge

👨‍💻 Author

Vinícius Lisboa
📧 Email: contato@viniciuslisboa.com.br
🐙 GitHub: @IamXeoth
🌐 Website: viniciuslisboa.com.br


📜 License

MIT License - See LICENSE file for details


🙏 Acknowledgments

Created as part of Hummand - GovTech solutions for digital transformation.


📌 What's Next?

  • Unit tests with pytest
  • Integration tests
  • PyPI publication
  • VS Code extension
  • Additional rule packs
  • Web dashboard