codacy / docs

Codacy documentation
https://docs.codacy.com

Missing security tools report #2211

Open github-actions[bot] opened 4 days ago

github-actions[bot] commented 4 days ago

Checking if each tool that detects security issues is included in the documentation:

✅ Cppcheck (C, CPP) is included, supports 5 security code patterns
✅ Clang-Tidy (C, CPP, Objective C) is included, supports 28 security code patterns
✅ Checkov (JSON, YAML, Terraform) is included, supports 265 security code patterns
✅ ShellCheck (Shell) is included, supports 4 security code patterns
✅ Prospector (Python) is included, supports 2 security code patterns
❌ ESLint9 (Javascript, TypeScript) ISN'T included, supports 37 security code patterns
✅ Trivy (Dart, XML, TypeScript, Python, Javascript, Elixir, PHP, C, CSharp, Swift, CPP, Scala, JSON, Rust, Ruby, Terraform, Go, Java, Dockerfile, YAML) is included, supports 4 security code patterns
✅ Pylint (Python) is included, supports 2 security code patterns
✅ TSQLLint (SQL, TSQL) is included, supports 1 security code patterns
✅ PHP Mess Detector (PHP) is included, supports 1 security code patterns
✅ Codacy ScalaMeta Pro (Scala) is included, supports 35 security code patterns
✅ Semgrep (PLSQL, Shell, TypeScript, Python, Javascript, PHP, C, Swift, CPP, Scala, Rust, Ruby, Terraform, Apex, Go, Kotlin, CSharp, Java, Dockerfile, YAML) is included, supports 2080 security code patterns
✅ Credo (Elixir) is included, supports 2 security code patterns
✅ RuboCop (Ruby) is included, supports 7 security code patterns
✅ Flawfinder (C, CPP) is included, supports 222 security code patterns
✅ SonarC# (CSharp) is included, supports 41 security code patterns
✅ Bandit (Python) is included, supports 78 security code patterns
✅ PSScriptAnalyzer (Powershell) is included, supports 6 security code patterns
✅ PMD (PLSQL, XML, JSP, Velocity, Apex, Javascript, VisualForce, Java, SQL) is included, supports 17 security code patterns
✅ SonarVB (VisualBasic) is included, supports 24 security code patterns
✅ Brakeman (Ruby) is included, supports 69 security code patterns
✅ Hadolint (Dockerfile) is included, supports 4 security code patterns
✅ CodeNarc (Groovy) is included, supports 10 security code patterns
✅ SpotBugs (Java, Scala) is included, supports 183 security code patterns
❌ PMD7 (PLSQL, XML, JSP, Apex, Javascript, VisualForce, Kotlin, Java, Swift, TypeScript, Velocity) ISN'T included, supports 17 security code patterns
✅ Gosec (Go) is included, supports 34 security code patterns
✅ PHP_CodeSniffer (PHP) is included, supports 59 security code patterns
✅ ESLint (Javascript, TypeScript) is included, supports 40 security code patterns

Found 2 tools that aren't included in the documentation.