We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Checking if each tool that detects security issues is included in the documentation:
✅ Cppcheck (C, CPP) is included, supports 5 security code patterns ✅ Clang-Tidy (C, CPP, Objective C) is included, supports 28 security code patterns ✅ Checkov (JSON, YAML, Terraform) is included, supports 265 security code patterns ✅ ShellCheck (Shell) is included, supports 4 security code patterns ✅ Prospector (Python) is included, supports 2 security code patterns ❌ ESLint9 (Javascript, TypeScript) ISN'T included, supports 37 security code patterns ✅ Trivy (Dart, XML, TypeScript, Python, Javascript, Elixir, PHP, C, CSharp, Swift, CPP, Scala, JSON, Rust, Ruby, Terraform, Go, Java, Dockerfile, YAML) is included, supports 4 security code patterns ✅ Pylint (Python) is included, supports 2 security code patterns ✅ TSQLLint (SQL, TSQL) is included, supports 1 security code patterns ✅ PHP Mess Detector (PHP) is included, supports 1 security code patterns ✅ Codacy ScalaMeta Pro (Scala) is included, supports 35 security code patterns ✅ Semgrep (PLSQL, Shell, TypeScript, Python, Javascript, PHP, C, Swift, CPP, Scala, Rust, Ruby, Terraform, Apex, Go, Kotlin, CSharp, Java, Dockerfile, YAML) is included, supports 2078 security code patterns ✅ Credo (Elixir) is included, supports 2 security code patterns ✅ RuboCop (Ruby) is included, supports 7 security code patterns ✅ Flawfinder (C, CPP) is included, supports 222 security code patterns ✅ SonarC# (CSharp) is included, supports 41 security code patterns ✅ Bandit (Python) is included, supports 78 security code patterns ✅ PSScriptAnalyzer (Powershell) is included, supports 6 security code patterns ✅ PMD (PLSQL, XML, JSP, Velocity, Apex, Javascript, VisualForce, Java, SQL) is included, supports 17 security code patterns ✅ SonarVB (VisualBasic) is included, supports 24 security code patterns ✅ Brakeman (Ruby) is included, supports 69 security code patterns ✅ Hadolint (Dockerfile) is included, supports 4 security code patterns ✅ CodeNarc (Groovy) is included, supports 10 security code patterns ✅ SpotBugs (Java, Scala) is included, supports 183 security code patterns ❌ PMD7 (PLSQL, XML, JSP, Apex, Javascript, VisualForce, Kotlin, Java, Swift, TypeScript, Velocity) ISN'T included, supports 17 security code patterns ✅ Gosec (Go) is included, supports 34 security code patterns ✅ PHP_CodeSniffer (PHP) is included, supports 59 security code patterns ✅ ESLint (Javascript, TypeScript) is included, supports 40 security code patterns
Found 2 tools that aren't included in the documentation.
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Checking if each tool that detects security issues is included in the documentation:
✅ Cppcheck (C, CPP) is included, supports 5 security code patterns
✅ Clang-Tidy (C, CPP, Objective C) is included, supports 28 security code patterns
✅ Checkov (JSON, YAML, Terraform) is included, supports 265 security code patterns
✅ ShellCheck (Shell) is included, supports 4 security code patterns
✅ Prospector (Python) is included, supports 2 security code patterns
❌ ESLint9 (Javascript, TypeScript) ISN'T included, supports 37 security code patterns
✅ Trivy (Dart, XML, TypeScript, Python, Javascript, Elixir, PHP, C, CSharp, Swift, CPP, Scala, JSON, Rust, Ruby, Terraform, Go, Java, Dockerfile, YAML) is included, supports 4 security code patterns
✅ Pylint (Python) is included, supports 2 security code patterns
✅ TSQLLint (SQL, TSQL) is included, supports 1 security code patterns
✅ PHP Mess Detector (PHP) is included, supports 1 security code patterns
✅ Codacy ScalaMeta Pro (Scala) is included, supports 35 security code patterns
✅ Semgrep (PLSQL, Shell, TypeScript, Python, Javascript, PHP, C, Swift, CPP, Scala, Rust, Ruby, Terraform, Apex, Go, Kotlin, CSharp, Java, Dockerfile, YAML) is included, supports 2078 security code patterns
✅ Credo (Elixir) is included, supports 2 security code patterns
✅ RuboCop (Ruby) is included, supports 7 security code patterns
✅ Flawfinder (C, CPP) is included, supports 222 security code patterns
✅ SonarC# (CSharp) is included, supports 41 security code patterns
✅ Bandit (Python) is included, supports 78 security code patterns
✅ PSScriptAnalyzer (Powershell) is included, supports 6 security code patterns
✅ PMD (PLSQL, XML, JSP, Velocity, Apex, Javascript, VisualForce, Java, SQL) is included, supports 17 security code patterns
✅ SonarVB (VisualBasic) is included, supports 24 security code patterns
✅ Brakeman (Ruby) is included, supports 69 security code patterns
✅ Hadolint (Dockerfile) is included, supports 4 security code patterns
✅ CodeNarc (Groovy) is included, supports 10 security code patterns
✅ SpotBugs (Java, Scala) is included, supports 183 security code patterns
❌ PMD7 (PLSQL, XML, JSP, Apex, Javascript, VisualForce, Kotlin, Java, Swift, TypeScript, Velocity) ISN'T included, supports 17 security code patterns
✅ Gosec (Go) is included, supports 34 security code patterns
✅ PHP_CodeSniffer (PHP) is included, supports 59 security code patterns
✅ ESLint (Javascript, TypeScript) is included, supports 40 security code patterns
Found 2 tools that aren't included in the documentation.
The text was updated successfully, but these errors were encountered: