Our team carries out an extensive source code review to identify issues and deal with them, thus protecting the solution from potential disruptions. As part of this process, we work closely with your developers to better understand how the product works, checking its backend and frontend and vetting your project documentation. The overall review process may include:
- Static code analysis (using ESLint, TSLint, SonarQube, Upsource);
- Dynamic code analysis (SonarQube);
- Identification of system dependencies across various modules and integrations (composition analysis);
- Identification of security flaws;
- Highlighting of design flaws;
- Preparation of the code review report with guidelines for fixing vulnerabilities.