dart_shield is a Dart-based CLI tool that performs static application security testing (SAST) to identify security vulnerabilities in Dart and Flutter code.
This tool is designed for Dart and Flutter developers who want to proactively detect security issues such as hardcoded secrets, insecure connections, and weak cryptographic practices in their codebase. It is used during development to automate security analysis and enforce secure coding standards before deployment.
The project is currently under construction and not ready for production use. The shield_options.yaml configuration file is mandatory for analysis commands to work. Users should be aware that full documentation and stable releases are forthcoming.
Run `dart pub global activate -s git https://github.com/yardexx/dart_shield` to install dart_shield globally from the GitHub repository.
`dart_shield init`
Initializes dart_shield in your project by creating a shield_options.yaml configuration file.
`dart_shield init -f`
Forces recreation of the shield_options.yaml configuration file if it already exists.
`dart_shield analyze .`
Analyzes the Dart code in the specified directory (current directory here) for potential security flaws based on the configuration.
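The commands above can be wrapped in a pre-merge gate that refuses to run without the mandatory configuration file. This is an added example, not part of dart_shield or its documentation. Assumptions: the `shield_gate` function name, the `DART_SHIELD` override variable, the return codes, that shield_options.yaml sits in the project root, and that `dart_shield analyze` exits non-zero when the analysis does not pass.

```sh
#!/bin/sh
# Added example: CI gate around `dart_shield analyze`.
# Install step (run once on the build agent). Because the tool is installed
# straight from git, pinning a reviewed commit avoids pulling whatever is on
# the default branch; <reviewed-commit> is a placeholder:
#   dart pub global activate -s git https://github.com/yardexx/dart_shield \
#       --git-ref <reviewed-commit>

# Hypothetical override so the binary name/path can be changed per agent.
DART_SHIELD="${DART_SHIELD:-dart_shield}"

# shield_gate DIR
# Return codes (chosen for this example):
#   0  analysis ran and exited 0
#   1  analysis exited non-zero (assumed to mean findings or an error)
#   2  DIR is not a directory, or shield_options.yaml is missing
#   3  dart_shield is not installed or not on PATH
shield_gate() {
    dir="${1:-.}"

    if [ ! -d "$dir" ]; then
        echo "shield_gate: not a directory: $dir" >&2
        return 2
    fi

    if ! command -v "$DART_SHIELD" >/dev/null 2>&1; then
        echo "shield_gate: $DART_SHIELD not found; install it first" >&2
        return 3
    fi

    # The config file is mandatory for analysis. The gate deliberately does
    # not call `dart_shield init` itself: a generated default file would
    # stand in for settings nobody reviewed, and `init -f` would overwrite
    # a committed one.
    if [ ! -f "$dir/shield_options.yaml" ]; then
        echo "shield_gate: $dir/shield_options.yaml missing;" \
             "run 'dart_shield init' locally and commit the file" >&2
        return 2
    fi

    # Run from the project root so `analyze .` sees the config next to it.
    ( cd "$dir" && "$DART_SHIELD" analyze . ) || return 1
    return 0
}

# In a CI step:  shield_gate . || exit $?
```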