Show HN: Zift – find authorization logic in your code (github.com)

🤖 AI Summary
Zift, a new tool announced in its v0.2 release, helps developers identify and manage authorization logic in their codebase. Its structural scanner covers languages such as TypeScript, JavaScript, Python, and more, and detects embedded authorization patterns such as role checks and permission guards. This matters to organizations because checks dispersed across application code make access control hard to audit and hard to enforce consistently. Zift lets users externalize this logic into Policy as Code (PaC), specifically Rego policies for Open Policy Agent (OPA), which streamlines compliance and governance processes. Zift offers two scanning modes: structural and LLM-assisted semantic. The structural scan identifies known patterns deterministically, while the semantic scan uses an LLM to catch nuanced business rules that might otherwise be missed. This dual approach makes the tool applicable across various programming languages and frameworks, including those not yet directly supported. Zift also integrates with different model endpoints, so developers can use their existing infrastructure, improving the overall efficiency of security protocols in application development.