r2c Semgrep

Basic Information
Tool first release date
2020-02-06
Software cost
Free
Software license
GNU LGPL
Hosting
SaaS
Process Integration
Deployment model
CI Server
Analysis inputs
Source code
SCM Integration
Git
Display results in IDE
Emacs, IntelliJ IDEA, Vim, VS Code
Live analysis & feedback while coding in IDE
Emacs, IntelliJ IDEA, Vim, VS Code
CI Integration
Generic command line interface (CLI), Bitbucket Pipelines, Bitbucket Server, Chef, CircleCI, GitLab CI, Jenkins
Able to analyze incremental changes to code (commit, patch, pull request)
Can schedule scans
API method to report results in SARIF format
API method to report results in XML/JSON/CSV format
Coverage
Supported programming languages
C, C#, Go, HTML, Java, JavaScript, Kotlin, Lua, Natural, Python, Ruby, Rust, Scala, Swift, TypeScript, XML
Claimed Weakness Coverage
Claimed Weakness Coverage information hasn't been collected yet for this analyzer.
Checker Customization
Can disable checkers
Can customize checker logic
First-class API to create new checkers
Speed & Scalability
Parallelizes on one host
Parallelizes across more than one host
Results Quality
Provides explanation of warning
Provides severity of warning
Provides confidence information about warning
Provides code context around warning
Reporting
Results suppression even after code changes
Show differences in results set to previous scan
Support
Installation guide or documentation
User/operator guide or documentation
Integration guide or API documentation