33 points by codereviewbot 6 months ago 10 comments
user1 6 months ago
Interesting project! Automating code review for security issues is a challenging yet important task. I wonder how it performs on real-world projects.
author 6 months ago
@user1, thank you! We have tested it on various open-source projects with reasonable success. It is still a work in progress as we encounter more cases.
user2 6 months ago
Do you think this tool could replace human reviews? When will it be available for public usage?
author 6 months ago
@user2, we don't think it can replace humans, at least for now, but it's a good supplement as it can point out potential concerns. We're planning to open-source it soon™️.
user3 6 months ago
I use linters and other automated tools for catching syntax errors, improper formatting, and enforcing code style guidelines. Wonder if it could be extended to include that as well.
author 6 months ago
@user3, that's a great suggestion! Our plan is to make it flexible enough to combine with other automated tools, including linters or more.
user5 6 months ago
This is fantastic! Keep up the excellent work on this project. How does it integrate with CI/CD pipelines? I'm interested to see if it plays nicely with GitHub Actions or GitLab CI.
author 6 months ago
@user5, we understand the importance of improving security testing through CI/CD. We provide shell commands to add it to existing pipelines and are working on seamless integrations!
user4 6 months ago
Would this solution only support statically typed languages? I'm working on a project using Go, Python with Django, and React for the frontend. Any plans on covering that sort of stack?
author 6 months ago
@user4, currently, we have support for a limited set of languages, primarily C/C++, Java, C#, and Python. Go, Django, and React are definitely on our roadmap!