Submit a Source Code ZIP
Upload any .zip archive of source code for RepoRisk to analyze for security vulnerabilities, license issues, and code quality problems.
Overview
In addition to browser extensions, RepoRisk accepts generic .zip archives containing source code. This is useful when you have code that is not a browser extension and not hosted in a public Git repository or on NPM.
Note: Scheduled rescans and manual re-scans are not available for ZIP uploads. To enable recurring scans, submit a Git repository URL or a webstore URL instead.
Supported File Types
| File | Description |
|---|---|
.zip | Any source code archive |
.crx | Chrome/Edge browser extension |
.xpi | Firefox browser extension |
If the uploaded .zip contains a root-level manifest.json, RepoRisk automatically treats it as a browser extension and applies extension-specific analysis. Otherwise it is analyzed as a generic source code archive.
Submitting a ZIP Archive
- Log in to your RepoRisk account at https://app.canirunthat.com
- Click the Submit Repository button in the top navigation bar
- Select the "Upload File" tab
- Click the "Choose File" button or drag and drop your
.zipfile - Click "Upload & Analyze"
What Happens After Submission
After submission, you'll be taken to a status page showing the analysis progress.
Important: The status page may appear to freeze or hang briefly while waiting for batch AI queries to complete. This is normal and expected — the system is processing your code in the background.
Processing Time:
- The system uses batch processing with Anthropic for cost efficiency
- Processing can technically take up to 24 hours
- In most cases, analysis completes within a few minutes
Once complete, you'll be able to access the full report.
Alternative Submission Methods
- Browser Extension — To submit a
.crx,.xpi, or webstore URL, see Submit a Browser Extension - Git Repository — To analyze source code from a Git repository, see Submit a Repository
- NPM Package — To analyze an NPM package from npmjs.com, see Submit an NPM Package
Next Steps
- Monitor Progress: Watch your analysis on the Repository Status page
- View Reports: Once analysis is complete, review your security findings in the Security Reports
Troubleshooting
Common Issues
"Upload failed"
- Check your internet connection and try again
- Verify the file is a valid, non-corrupted
.ziparchive - Ensure the archive contains at least one file
"Analysis fails after upload"
- Verify the
.ziparchive is not empty and can be opened with a standard archive tool
For additional help, contact support at [email protected].