
Free static aplication security testing tool for open-source code - geromek
https://srcclr.com/
======
curphey
Its a DevSec tool rather than traditional security static analysis focused on
a very specific but important use case of helping developers avoid using
vulnerable or insecure open-source libraries.

