Static and dynamic analysis service
OpenScanHub is a service for static and dynamic analysis. By default it uses Cppcheck, ShellCheck, the static analyzers embedded in GCC and Clang, find-unicode-control, and the Gitleaks tool. Other tools for static and dynamic analysis can be enabled on demand while submitting an OpenScanHub scan.
OpenScanHub can analyze RPM packages and source code tarballs.
It can be used by any developer. It can help improve the security and stability of projects by finding defects in the source code.
It is used inside Red Hat to scan releases of RHEL and a few other projects.
It runs as a Fedora service. Alternatively, you can use it on your local system by following the developer documentation.
Developer documentation can be found on GitHub.
Code Scanning Utilities - csutils
Questions can be discussed on the mailing list.