As a developer, I have faced my fair share of security mishaps. I recall times
when I accidentally exposed sensitive data in logs or sent a network request
over a non-encrypted HTTP channel when HTTPS was available. I'm sure many of you
can relate to these situations. We may not be security experts, but that doesn't
mean we shouldn't take measures to protect our applications. This is where
comes into play.
We are happy to announce that we completely rebuilt analysis-tools.dev from
scratch with more features and a new design!This is a major milestone for us, as it marks the first time we sat down to
reinvision what the project should become in the next few years.
This project started as a way to scratch my own itch:Years later, many people still seem to have the same problem.
There are more than 500 static analysis (SAST) tools out there; how can you
possibly find the "best" one?
Static analysis is great! It helps improve code quality by inspecting source
code without even running it. There are hundreds of great tools to choose from —
many are free or open-source. Unfortunately, many projects still don’t make use
of static analysis tools for various reasons.
We found that static code analysis is a topic that is attracting a lot of engineers, which care about code-quality and solid engineering standards. Our goal is to create an open community for developers that want to take their code and skill set to the next level.
Today we welcome DeepCode as our first sponsor.It makes us incredibly happy to see the backing of our community project
from such a forward-thinking company.
Just like us, DeepCode thinks that the space of analysis tools could be vastly improved
to increase code quality and foster best practices within organizations of any size.