@dsalo if you've ever worked with a static analysis tool on a large codebase, "reported vulnerabilities that have a chance of being significant" are a dime a dozen. The hard part is triaging the massive number of mostly not meaningful reports and finding the handful of ones worth addressing, and the extra extra hard problem is doing this in a way where you can keep running the tools without having to repeat the whole audit process every time.
AFAIK Mythos doesn't address either of these points.
In reply to
Kevin Granade
@kevingranade@mastodon.gamedev.place
Software developer, FOSS enthusiast, and accidental gamedev. See https://cataclysmdda.org for my game, or not, I'm not your supervisor. I mostly work in C++ and zombies, though I occasionally dabble in lisp and other eldritch horrors.
mastodon.gamedev.place
@kevingranade@mastodon.gamedev.place
·
3d ago