Enable analyzers by adding .deepsource.toml configuration file to the root of your repository. Takes couple of minutes to get started.
Native integration with GitHub and GitLab gives you real-time status checks directly in your pull request. Review your code while staying within your existing workflow.
Our principle is to go deep before going broad. As of today our analyzers collectively detect around 1200 different issues across categories like bug risks, anti-patterns, performance issues, security flaws (includes OWASP top 10).
One size doesn't fit all, always. If some violations are intentional, or aren't critical for you to fix at the moment, you can choose to ignore issues in a particular file pattern or the entire repository with a couple of clicks.
Our in-house analyzer team actively updates all the analyzers with new rules, and continuously improves the accuracy of existing rules. All these updates are made available to you by default as and when it rolls out without any effort from your end.
Each issue occurrence is categorized into buckets, a detailed description on what the issue is with examples and potential solution. Get all the necessary details so you can understand the issue, quickly locate and act on them.
Get visibility into key metrics like test coverage, documentation coverage, external and internal dependencies, etc,. Keep a check on overall codebase sanity, how the code is evolving with time, whether or not the code is meeting your quality standards.
Pick the issue categories that matter the most to you — for which if any occurrence is detected, the pull request will be blocked from being merged.
All the false positives reported and support tickets are answered by our engineering team. We take each report seriously and act as fast as we can to resolve them for you.