Open MrWong99 opened 2 years ago
Semgrep is an open source SAST tool which supports the languages you mentioned. There are publicly available rules which can be used, documented here: https://semgrep.dev/r. Custom rules can be written as per use case.
Sounds exactly like the perfect tool for the job and more! 😍
/assign
Is your feature request related to a problem? Please describe.
For most software security checks it is just best practice and very standard to run static code analysis tools.
Describe the solution you'd like
I want a tool-driven, standardized and performant solution to perform static code analysis with a focus on security for the most common programming languages or frameworks starting with, but not limited to: