Comment by jdubansky
1 month ago
I have been working on a simple SAST-like AI code scanning tool. Currently it only uses the OpenAI API to do the scanning, but maybe if I get access to other APIs I can add them. There are still a lot of features I would like to add, but I am building this in two parts: the CLI scanner and the web management UI. At the moment the UI and scanner run together, but eventually I want to break this out so that the scanner can just report findings to the UI remotely. This would be nice if running from a CI/CD environment. I eventually also plan to add some sort of scoping to the scanner so it can be targeted to new branches.
Posting this as maybe it will help other orgs out there that are looking for SAST and want to do it cheaply. https://github.com/jdubansky/sassycode