GitHub, Code Scanning to find vulnerabilities

GitHub today introduces Code Scanning, a tool whose name largely explains its purpose: it scans code for vulnerabilities and errors. The platform describes it succinctly:

Code Scanning is a feature you can use to scan code in a GitHub repository for security vulnerabilities and errors. Every problem identified by the analysis is shown in GitHub.

Code Scanning debuts for everyone on GitHub

It is the result of the acquisition of Semmle, a San Francisco startup born only a couple of years ago from a research project at Oxford University, but already working alongside companies such as Uber, NASA, Google and Microsoft with precisely the same purpose: to conduct code analysis quickly, efficiently and automatically through the CodeQL engine it developed.



The aim of Code Scanning is to speed up the discovery of vulnerabilities and errors by automating it through a search for specific patterns within the code, which in turn reduces the time needed to introduce the necessary fixes. Its use is free for everyone.



Just over a week ago the platform (controlled by Microsoft for a couple of years) confirmed the replacement of the term Master with Main, first announced in June and effective from today (October 1, 2020), with the aim of eliminating any reference to terms that recall the idea of slavery (Master / Slave).

Source: GitHub



