Threat Dragon version 2.0
SAST
Static Application Security Testing (SAST)
Static application security testing is the process of examining code at rest to identify potential vulnerabilities and misconfigurations. This is provided by CodeQL and is run as part of every pull request. Pull requests with CodeQL failures will not be accepted unless the alert is proven to be a false/positive.