Why do you need access to my source code?
Reshift is a static code analysis tool that operates on both the source code and the binaries. reshift primarily needs continuous access to the source code for the following reasons:
- To display accurate diagnostic information to the user as they triage a vulnerability. Information such as line numbers for the vulnerabilities found, Git blame and branch information.
- To be able to integrate security issues found into the Pull request workflow