Introduction
Static application security testing (SAST) is a security testing technique for identifying security vulnerabilities in an application's source code. We aim to provide a clear overview of the currently supported languages.
Languages | Versions supported | Frameworks supported | File extensions |
---|---|---|---|
Android | 10 to 14 | N/A | .apk |
Bash | 4.0 to 5.2 | N/A | .sh |
C# | C#6.0 to C#11 | .NET | .cs |
Cloudformation | July 2022 | N/A | .yaml, .yml, .json |
Configuration files | N/A | N/A | .json |
Dart | 2.0 to 3.2 | Flutter | .dart |
Docker | >20 | N/A | Dockerfile |
DockerCompose | N/A | N/A | .yaml |
Go | 1.0 to 1.21 | N/A | .go |
HTML | 5 | N/A | .html |
Java | 8, 11, 17 and 21 | JDK | .java |
Javascript | ES-5 and ES-6 (2015 to 2020) | React, Angular, Vue | .js, .jsx |
Kotlin | 1.3 to 1.9 | N/A | .kt |
Kubernetes | N/A | N/A | .yaml, .yml |
Python | 3.0 to 3.12 | Django, Flask, FastAPI | .py |
PHP | 7.0.0 to 8.3.6 | N/A | .php |
Swift | 3.0 to 5.9 | N/A | .swift |
Typescript | 1.0 to 5.3 | Same as JS | .ts, .tsx |
Terraform | 1.0 to 1.7 | N/A | .tf |