CodeGuard AI is an AI-driven security scanning platform that helps developers review GitHub repositories for portfolio readiness, security risks, environment configuration issues, README quality, deployment readiness, and code structure improvements.
The system allows users to create an account, verify their email, submit a public GitHub repository URL, scan the project, view detailed security findings, and receive the scan report through email.
- User registration and login
- Email verification with secure verification codes
- JWT-based authentication
- Public GitHub repository scanning
- Secret and sensitive file detection
- README quality analysis
- Environment configuration checks
- Deployment readiness checks
- Project structure and package script analysis
- Security score breakdown
- Scan history dashboard
- Detailed scan report page
- Email notification after scan completion
- PostgreSQL database with Prisma ORM
- Swagger API documentation
- Next.js
- React
- TypeScript
- Tailwind CSS
- Lucide React
- NestJS
- TypeScript
- Prisma ORM
- PostgreSQL
- JWT Authentication
- Bcrypt
- Nodemailer
- Simple Git
- Swagger
- Docker
- GitHub
- Swagger / Insomnia
- Prisma Studio
git clone https://github.com/MayThetNaingBo/devops_scanner.git
cd codeguard-aicd backendnpm installCopy .env.example to .env and fill in your own values.
docker compose up -dnpx prisma migrate devnpx prisma generatenpm run start:devThe backend should run on:
http://localhost:3000
Swagger API documentation:
http://localhost:3000/api
Open a new terminal:
cd frontendnpm installnpm run devThe frontend should run on:
http://localhost:3001
-
User signs up with name, email, and password.
-
Backend hashes the password and sends an email verification code.
-
User verifies email and logs in.
-
User submits a public GitHub repository URL.
-
Backend clones the repository temporarily.
-
Scanner checks for:
- Exposed secrets
- Missing
.env.example - Committed
.envfiles - README quality
- Missing Dockerfile
- Missing GitHub Actions
- Missing build/start/test scripts
-
Backend calculates scores and stores the scan report.
-
User views the detailed report in the dashboard.
-
Email report notification is sent to the user.
- Security
- README Quality
- Environment Configuration
- Deployment Readiness
- Code Structure
- Building secure authentication with JWT
- Implementing email verification
- Using Prisma with PostgreSQL
- Designing scan report data models
- Cloning and analyzing GitHub repositories
- Detecting security and configuration risks
- Creating a full-stack dashboard with scan history
- Sending automated email reports
- Structuring a full-stack project for portfolio presentation
May Thet Naing Bo
Diploma in Information Technology
Temasek Polytechnic
🌐 https://maythetnaingbo.com









