Would be grateful if someone can suggest the infrastructural code scanning/analysis tool. If possible, please suggest on the basis of few or any of these parameters:
- Maximum usage by the industry so that it would be easier to locate answers on portals like github, stackoverflow, slack, gitter etc.
- Possible integration within CI/CD pipelines using github actions
- If possible, accept custom rules/plugins as well
- Not necessary, but an advantage if there is an enterprise version available along with open source so that in the future we have a possibility to onboard for support from the company.
Would really appreciate your support. Thank you.