Static analysis at ludicrous speed.See the tool
Description
Semgrep is a highly-configurable SAST tool that looks for recurring patterns in the syntax tree. It can either run locally using Docker or be integrated into the CI/CD pipeline with Github Actions. Results are delivered as JSON files, allowing you to pipe the results into other tools, like jq in order to manipulate them.
More Resources & Tools in Security
Use Docker and Dockery Compose to test and find blind cross-site scripting vulnerabilities.
Analyze webpack production bundle
A CLI tool that helps you avoid undefined user behaviour by validating your API specifications.