A software tool that scans open source programs for security risks, performance, and code-quality issues while ensuring compliance with best practices in code writing.
One of the standout features of Yasca is that it comes with two components - a framework for conducting source code analyses, and an implementation of that framework, which leverages custom plugins, FindBugs, PMD, and Jlint. This makes it easier to customize your analysis settings and to fine-tune your code review process.
Once the analysis is complete, Yasca will generate an output in the form of an HTML file containing all the findings. This makes it easier for developers to quickly identify issues and prioritize their fixes. Overall, Yasca is a great tool for those who want to streamline their code review process and delivers impressive results on the fly.
Version 2.0: N/A