1 comment

[ 2.5 ms ] story [ 7.2 ms ] thread
Its a DevSec tool rather than traditional security static analysis focused on a very specific but important use case of helping developers avoid using vulnerable or insecure open-source libraries.