Only .net supported? - Githubissues

pumasecurity / puma-scan

Puma Scan is a software security Visual Studio extension that provides real time, continuous source code analysis as development teams write code. Vulnerabilities are immediately displayed in the development environment as spell check and compiler warnings, preventing security bugs from entering your applications.

https://www.pumascan.com

Mozilla Public License 2.0

446 stars 79 forks source link

Only .net supported? #71

Closed nathanawmk closed 3 years ago

nathanawmk commented 3 years ago

This is a great and useful project. However, Only .net is supported?

ejohn20 commented 3 years ago

Correct, the underlying engine is using the .NET Compiler API (open source Roslyn) to gather data from the source code. We can analyze "additional code" files (e.g. config, js, etc.), which there are some rules for as well.