Skip to content

Improved code quality and static analysis scanning #15

Description

@hexolan

Currently scanning with GitHub's CodeQL


Snyk - Primarily vulnerability scanning, has code quality, IDE support, Git integrations available

Codacy - Code quality, security scanning, Git support (PR scanning), IDE support

SonarQube - Code quality, secrets scanning, Git support, IDE support


Found an expansive list of available OS solutions: https://owasp.org/www-community/Source_Code_Analysis_Tools

Metadata

Metadata

Assignees

Labels

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions