by prepend
2143 days ago
This seems like a good idea and the more open source static analyzers the better. (It really tempts me to eventually pay for GitLab high versions.) Pysa is part of pyre-check and the documentation [0] seems like a lot of work to set up, and I hope it gets better. I’m used to using safety [1] and bandit [2] and they are one-line drop-ins to my builds. Pysa isn’t the same thing and seems much more powerful but I hope they get to a “Just give me something useful out of the box and I’ll customize my taint scans later.”

[0] https://pyre-check.org/docs/pysa-running
[1] https://pypi.org/project/safety/
[2] https://pypi.org/project/bandit/