Problem to solve
A possible candidate is jsprime, but we need to evaluate it first in order to ensure it matches our needs and quality standards.
What does success look like, and how can we measure that?
We will be able to measure it when #5621 (closed) will be implemented.
- Evaluate the tool
- Implement the new analyzer
- Update test projects to use the new analyzer (https://gitlab.com/gitlab-org/security-products/tests)
- Update QA (https://gitlab.com/gitlab-org/security-products/tests/common#security-products-test-projects)
- Update Docs