What are your go-to static code analysis tools? Any options that you use and would recommend?

Applications & PlatformsEngineering
646 viewscircle icon1 Upvotecircle icon2 Comments
Sort by:
CTO in Mediaa year ago

For CI and quality gates, we use SonarCloud, which has good integration with GitHub.

Director of Engineeringa year ago

We use SonarCloud for static code analysis and have also implemented automation that runs whenever a pull request is opened for review.

Lightbulb on1

Content you might like

Has anyone been successful in implementing a FinOps Cost Optimization policy to turn down idle cloud instances during off hours (nights/weekends)?  DId you start with non-prod environments?  How are you handling logging/monitoring alerts during that time?

What is the importance of observability in any enterprise level application landscape having multiple applications being used for external and internal customers and deployed across multi-cloud deployments from on-prem to different clouds ?

Read More Comments

Which RDBMS do you feel best suits the needs of today's climate of rapid change and iteration?

SQLite8%

CouchDB17%

PostgreSQL27%

MongoDB27%

SQLServer19%

View Results

Does your organization have a team/department in charge of tracking and managing open source licensing?

Yes60%

No40%

Not yet, but we’re creating one

Unsure

View Results

Why do you think there are so few mature AI-driven autonomous pentesting solutions on the market, and why does this topic seem to generate more hype than in-depth technical discussion?

Read More Comments