scrub
SCRUB is a platform for orchestration and aggregation of static code analysis tools.
Users should be able to override any value in `scrub.cfg` at runtime. Users can pass override values via a command line flag.
Where possible, we should cross-reference findings between tools and indicate where there is concurrence between multiple tools. We should also look into flagging "problematic lines". These are lines of code...
Fixed two small issues that prevented me from correctly running the CodeQL tool with or without the P10 checks. 1. When running the CodeQL static analysis the Scrub tool would...
Refactor the `create_file_list` module for better performance. For large analyses/deep codebases this process can take a long time.
Storing SCRUB results in a hidden directory can be misleading for some users. Storing analysis in a non-hidden directory makes it easier to locate SCRUB results and log information.
Currently CodeSonar analysis will fail if provided with a relative path to the key and cert files.
SCRUB should be able to interface with GitHub to decorate pull requests with output data from SCRUB analysis.
If no build instructions are provided, SCRUB should attempt common build instructions for the language of choice.
Nominal operation is for SCRUB to continue running if a tool fails, but users may want to exit on first failure. There should be a flag to enable this. (--strict,...
The command execution error messages that are returned to the user are vague and should provide better information to the user.