Enable SAST
Last updated
This check determines if the project uses Static Application Security Testing (SAST), also known as static code analysis.
SAST analyzes source code without running the application, typically as part of the build or pull-request pipeline. Using SAST tools can prevent known classes of bugs from being inadvertently introduced into the codebase.
The check currently looks for known GitHub apps such as CodeQL (github-code-scanning) or SonarCloud in the recent (~30) merged PRs, or for the use of "github/codeql-action" in a GitHub workflow. It also checks for the deprecated LGTM service until its forthcoming shutdown.
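As an added illustration of the two kinds of evidence the check describes (not the project's own implementation), the following Python looks for `github/codeql-action` steps in workflow text and for known SAST app slugs among a merged PR's check runs. The sample workflows and check-run records are constructed here; the shape of the check-run dicts (`app.slug`, `conclusion`) mirrors the GitHub check-runs API, and counting only runs with a `success` conclusion is an assumption made for this example.

```python
import re

# Constructed sample workflow, assumed to live at .github/workflows/codeql.yml.
SAMPLE_CODEQL_WORKFLOW = """\
name: CodeQL
on:
  push:
    branches: [main]
  pull_request:
jobs:
  analyze:
    runs-on: ubuntu-latest
    permissions:
      security-events: write
    steps:
      - uses: actions/checkout@v4
      - uses: github/codeql-action/init@v3
        with:
          languages: python
      - uses: github/codeql-action/analyze@v3
"""

# Constructed sample workflow with no SAST step at all.
SAMPLE_BUILD_WORKFLOW = """\
name: build
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: make
"""

# GitHub App slugs the page names as evidence of SAST on merged PRs.
KNOWN_SAST_APPS = {"github-code-scanning", "sonarcloud"}

# Matches a `uses:` key in a workflow step and captures the action reference.
_USES_RE = re.compile(r"^\s*-?\s*uses:\s*['\"]?([^\s'\"#]+)", re.MULTILINE)


def workflow_actions(text):
    """Return every action reference (owner/repo[/path]@ref) used in a workflow."""
    return _USES_RE.findall(text)


def workflow_uses_codeql(text):
    """True if any step invokes github/codeql-action (owner/repo compared case-insensitively)."""
    return any(ref.lower().startswith("github/codeql-action") for ref in workflow_actions(text))


def pr_has_sast_app(check_runs):
    """True if a known SAST GitHub App ran successfully on the PR.

    check_runs: iterable of dicts with app.slug and conclusion, as the
    GitHub check-runs API returns them (only the two fields are used).
    """
    for run in check_runs:
        slug = run.get("app", {}).get("slug", "").lower()
        if slug in KNOWN_SAST_APPS and run.get("conclusion") == "success":
            return True
    return False


def sast_evidence(workflows, merged_pr_check_runs):
    """Summarize both kinds of evidence for a repository.

    workflows: iterable of workflow file contents.
    merged_pr_check_runs: list with one check-run list per recent merged PR.
    """
    prs_with_sast = sum(1 for runs in merged_pr_check_runs if pr_has_sast_app(runs))
    return {
        "codeql_workflow": any(workflow_uses_codeql(w) for w in workflows),
        "prs_with_sast": prs_with_sast,
        "prs_total": len(merged_pr_check_runs),
    }


if __name__ == "__main__":
    # Constructed check runs for three merged PRs: two scanned, one not.
    prs = [
        [{"app": {"slug": "github-code-scanning"}, "conclusion": "success"}],
        [{"app": {"slug": "sonarcloud"}, "conclusion": "success"}],
        [{"app": {"slug": "some-ci-bot"}, "conclusion": "success"}],
    ]
    print(sast_evidence([SAMPLE_CODEQL_WORKFLOW, SAMPLE_BUILD_WORKFLOW], prs))
```

A repository that wires in the CodeQL workflow above but merges PRs before the scan completes would still show `prs_with_sast` below `prs_total`; looking at both signals together, as the check does, catches SAST that is configured but not actually gating merges.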