Code Review: Tools
hardcodes
hardcodes is a utility for searching strings hardcoded by developers in programs. It uses a modular tokenizer that can handle comments, any number of backslashes & nearly any syntax you throw at it.
Semgrep
Semgrep is a command-line tool for offline static analysis. Use pre-built or custom rules to enforce code and security standards in your codebase. You can try it now with our interactive live editor.
Semgrep combines the convenient and iterative style of grep with the powerful features of an Abstract Syntax Tree (AST) matcher and limited dataflow. Easily find function calls, class or method definitions, and more without having to understand ASTs or wrestle with regexes.
Let me know what you think of this article on Twitter @_TheGetch_!