GitHub can now squash even more Code Bugs before Release

By admin


GitHub has now released new code scanning tools for Developers

GitHub has announced that ten new third-party tools are now available for developers to use with its recently released code scanning feature. This means developers will be able to remove security vulnerabilities and other faults more easily before they are committed to code.

Code scanning was announced at the end of September as a developer-first, GitHub-native approach to reducing the number of vulnerabilities before they reach the production stage.

Developers are now freed up to focus on writing their most creative and beautiful lines of code, while GitHub's CodeQL static scanning engine automatically runs actionable security rules on their database.

Scanning occurs when new code is created, and it integrates with GitHub Actions or your existing CI/CD environment to provide maximum flexibility for developers.

The code scanning feature has been an early success, identifying some 20,000 security issues since its beta launch in May this year. The addition of 10 new third-party tools adds customization options for developers while still allowing them to use their preferred GitHub tools and keep a single user experience.

“Today, we are happy to introduce all ten new third-party tools available with GitHub code scanning,” said Jose Palafox, a senior business development manager at GitHub, in a blog post. “These open source projects and Static Application Security Testing (SAST) solutions bring a wide array of additional security tools directly into the developer's workflow, ensuring vulnerabilities will be identified and stuck before they’re committed to the code base.”

Among the 10 new tools are Checkmarx, the leading software security solution for enterprise software development, and Codacy, which provides static analysis, cyclomatic complexity, duplication and code unit test coverage changes for each commit and pull request. The remaining new tools include CodeScan, Muse, DefenseCode ThunderScan, Fortify on Demand, Secure Code Warrior, Veracode Static Analysis, Synopsys Intelligent Security Scan and Xanitizer.

The latest third-party scanning tools are available from the GitHub Marketplace now.
