Semgrep
A fast, open-source, static analysis tool for finding bugs and enforcing code standards at editor, commit, and CI time. Its rules look like the code you already write; no abstract syntax trees or regex wrestling. Supports 17+ languages.
Github:
- 744574454264112019
Workflow integration:
cli
service
https://github.com/returntocorp/semgrep
GNU Lesser General Public License v2.1
Maintained