Patchly is an AI-augmented vulnerability scanner that analyzes public GitHub repositories for known security issues in real time. Built for new developers, early-stage prototyping, and educational purposes, Patchly automates the end-to-end process of dependency scanning, CVE detection, and fix recommendation by leveraging the latest CVE databases and LLM technology.
- Real-time, framework-based vulnerability scanning
- Context-aware fix generation using GPT-4
- Simple and interactive CVE dashboard with filters
- Fully automated repo cloning and cleanup
- CORS handling, rate limiting and cache management
Built with Python and FastAPI for the backend scanning logic and dependency parsing, and Next.js (React, TypeScript, TailwindCSS) for the interactive frontend. The project is deployed on Vercel and Render.
- Clone the repository:

  ```bash
  git clone https://github.com/rawsab/patchly.git
  cd patchly
  ```

- Set up the Python backend:

  ```bash
  # Create and activate virtual environment
  python -m venv venv
  source venv/bin/activate  # On Windows: venv\Scripts\activate
  # Install dependencies
  pip install -r requirements.txt
  ```

- Set up the frontend:

  ```bash
  cd frontend
  npm install
  ```

- Start the backend server:

  ```bash
  # From the root directory
  source venv/bin/activate  # On Windows: venv\Scripts\activate
  uvicorn api.main:app --reload
  ```

- Start the frontend development server:

  ```bash
  # From the frontend directory
  cd frontend
  npm run dev
  ```

The application will be available at:
- Frontend: http://localhost:3000
- Backend API: http://localhost:8000
- Deep scanning option with OWASP Dependency Check
- Extended support for C/C++, Dart, PHP, Rust, Ruby
- Generating command-line batch fixes
- Adaptive UI (for mobile devices)