AWS 推出了 Code Review 服務 Amazon CodeGuru,使用 machine learning 提供建議:「AWS announces Amazon CodeGuru for automated code reviews and application performance recommendations」。
從界面就可以看出來同時支援 GitHub 與自家的 CodeCommit,看起來可以給不少建議,但網站上沒有提到 security 這塊,本來以為產品的定位不在這邊:
不過 FAQ 裡還是有提到常見的 security issue:
Q: What type of issues are detected by Amazon CodeGuru Reviewer?
Amazon CodeGuru Reviewer checks for concurrency issues, potential race conditions, un-sanitized inputs, inappropriate handling of sensitive data such as credentials, resource leaks, and also detects race conditions in concurrent code.
然後 FAQ 裡提到目前只支援 Java:
Amazon CodeGuru Reviewer currently supports Java code stored in GitHub and AWS CodeCommit repositories.
服務的價位是使用行數計算,不過那個 per month 沒看懂是什麼意思:
Code scan (pull requests) $0.75 per 100 lines of code scanned per month
另外推出的 Amazon CodeGuru Profiler 則是 APM 類的東西,這塊目前市場上產品也很多,看起來也要被 AWS 進來蹂躪...