The OpenSSF Scorecard tool recommends using SAST. Specifically, it recommends that GitHub-based projects enable GitHub code scanning.
Refer: https://github.com/ossf/scorecard/blob/main/docs/checks.md#sast