Missing security tools report #2437
Description
Checking if each tool that detects security issues is included in the documentation:
✅ Trivy (Dart, XML, TypeScript, Python, Javascript, Elixir, PHP, C, CSharp, Swift, CPP, Scala, JSON, Rust, Ruby, Terraform, Go, Java, Dockerfile, YAML) is included, supports 4 security code patterns
✅ PSScriptAnalyzer (Powershell) is included, supports 6 security code patterns
✅ CodeNarc (Groovy) is included, supports 10 security code patterns
✅ Flawfinder (C, CPP) is included, supports 222 security code patterns
✅ PHP_CodeSniffer (PHP) is included, supports 89 security code patterns
❌ Revive (Go) ISN'T included, supports 1 security code patterns
✅ Checkov (JSON, YAML, Terraform) is included, supports 1191 security code patterns
✅ Clang-Tidy (C, CPP, Objective C) is included, supports 31 security code patterns
✅ Semgrep (PLSQL, Shell, TypeScript, Python, Javascript, PHP, C, CPP, Scala, Rust, Ruby, Terraform, Apex, Go, Kotlin, CSharp, Java, Dockerfile, YAML, SQL, Swift) is included, supports 2125 security code patterns
❌ dartanalyzer (Dart) ISN'T included, supports 4 security code patterns
❌ SwiftLint (Swift) ISN'T included, supports 1 security code patterns
✅ Pylint (Python) is included, supports 2 security code patterns
✅ Credo (Elixir) is included, supports 3 security code patterns
✅ ShellCheck (Shell) is included, supports 3 security code patterns
✅ SpotBugs (Java, Scala) is included, supports 188 security code patterns
✅ Gosec (Go) is included, supports 29 security code patterns
✅ Prospector (Python) is included, supports 2 security code patterns
✅ RuboCop (Ruby) is included, supports 20 security code patterns
✅ SonarC# (CSharp) is included, supports 52 security code patterns
✅ ESLint (Javascript, TypeScript) is included, supports 73 security code patterns
✅ Codacy ScalaMeta Pro (Scala) is included, supports 34 security code patterns
✅ Ruff (Python) is included, supports 65 security code patterns
✅ Cppcheck (C, CPP) is included, supports 11 security code patterns
❌ Spectral (YAML, JSON) ISN'T included, supports 5 security code patterns
✅ SonarVB (VisualBasic) is included, supports 19 security code patterns
✅ Brakeman (Ruby) is included, supports 68 security code patterns
✅ PMD (PLSQL, XML, JSP, Apex, Javascript, VisualForce, Kotlin, Java, Swift, TypeScript, Velocity) is included, supports 17 security code patterns
✅ ESLint (Javascript, TypeScript) is included, supports 123 security code patterns
✅ Bandit (Python) is included, supports 78 security code patterns
✅ PMD (PLSQL, XML, JSP, Velocity, Apex, Javascript, VisualForce, Java, SQL) is included, supports 18 security code patterns
✅ Hadolint (Dockerfile) is included, supports 2 security code patterns
❌ Stylelint (CSS, LESS, SASS) ISN'T included, supports 2 security code patterns
✅ PHP Mess Detector (PHP) is included, supports 1 security code patterns
Found 5 tools that aren't included in the documentation.