You need to sign in or sign up before continuing.
Research: Secure SAST Analyzer Multi-Module
We are currently in the process of updating .NET SAST to support multiple projects in a single solution in #6289 (closed), and have an open issue regarding module inheritance in Java products at #24076 while the scanner already supports multiple modules in a single repository.
We should identify what other languages implemented by our Secure tools commonly use multiple projects or modules in a single repository, if there are any gaps in our Secure analyzers regarding multi-project in these languages, and if we have a need for new test projects or modifications to existing ones to verify these cases.
SAST supported languages table
| Language | Multi-Project | Analyzer support | Test project |
|---|---|---|---|
| .NET |
|
||
| Apex (Salesforce) | |||
| C/C++ | |||
| Elixir (Phoenix) |
|
||
| Go | |||
| Groovy (Ant, Gradle, Maven, SBT) | |||
| Java (Ant, Gradle, Maven, SBT) | |||
| Kubernetes manifests | |||
| Node.js | |||
| PHP | |||
| Python | |||
| React | |||
| Ruby on Rails | |||
| Scala (Ant, Gradle, Maven, SBT) | |||
| Typescript |
Edited by Aleksandr Soborov