Commit list

Analysis Tools Bot · Analysis Tools Bot · commit 3f4d0cd67900 · 2026-01-23T18:05:12.000Z
diff --git a/README.md b/README.md
@@ -699,7 +699,7 @@ Its technology helps developers automate testing, find bugs, and reduce manual l
 
 - **es6-plato** :warning: — Visualize JavaScript (ES6) source complexity.
 
-- **escomplex** :warning: — Software complexity analysis of JavaScript-family abstract syntax trees.
+- [escomplex](https://github.com/jared-stilwell/escomplex) — Software complexity analysis of JavaScript-family abstract syntax trees.
 
 - **Esprima** :warning: — ECMAScript parsing infrastructure for multipurpose analysis.
 
@@ -1609,6 +1609,8 @@ It supports multiple languages and is designed to be extensible, allowing you to
 
 - [Semgrep Supply Chain](https://semgrep.dev/products/semgrep-supply-chain) :copyright: — Quickly find and remediate high-priority security issues.  Semgrep Supply Chain prioritizes the 2% of vulnerabilities that are reachable from your code.
 
+- [Seqra](https://seqra.dev) — Security-focused static analyzer for Java and Kotlin web applications. Analyzes bytecode with Semgrep-style YAML rules and CodeQL-grade dataflow (with first-class Spring support) to find vulnerabilities that source-only scanners miss.
+
 - [ShiftLeft Scan](https://github.com/ShiftLeftSecurity/sast-scan) — Scan is a free open-source DevSecOps platform for detecting security issues in source code and dependencies. It supports a broad range of languages and CI/CD pipelines.
 
 - **shipshape** :warning: — Static program analysis platform that allows custom analyzers to plug in through a common interface.
diff --git a/data/api/tags.json b/data/api/tags.json
@@ -552,6 +552,11 @@
       "value": "support",
       "tag_type": "Other"
     },
+    {
+      "name": "Spring",
+      "value": "spring",
+      "tag_type": "Other"
+    },
     {
       "name": "Template-Languages",
       "value": "template",
diff --git a/data/api/tools.json b/data/api/tools.json
@@ -7092,7 +7092,7 @@
     "plans": null,
     "description": "Software complexity analysis of JavaScript-family abstract syntax trees.",
     "discussion": null,
-    "deprecated": true,
+    "deprecated": null,
     "resources": null,
     "reviews": null,
     "demos": null,
@@ -18146,6 +18146,44 @@
     "demos": null,
     "wrapper": null
   },
+  "seqra": {
+    "name": "Seqra",
+    "categories": [
+      "linter"
+    ],
+    "languages": [
+      "java",
+      "kotlin"
+    ],
+    "other": [
+      "ci",
+      "security",
+      "spring",
+      "yaml"
+    ],
+    "licenses": [
+      "MIT"
+    ],
+    "types": [
+      "cli"
+    ],
+    "homepage": "https://seqra.dev",
+    "source": "https://github.com/seqra/seqra",
+    "pricing": null,
+    "plans": null,
+    "description": "Security-focused static analyzer for Java and Kotlin web applications. Analyzes bytecode with Semgrep-style YAML rules and CodeQL-grade dataflow (with first-class Spring support) to find vulnerabilities that source-only scanners miss.",
+    "discussion": null,
+    "deprecated": null,
+    "resources": [
+      {
+        "title": "Static Analysis Showdown: How Semgrep, CodeQL, and Seqra Handle XSS Detection",
+        "url": "https://seqra.dev/blog/semgrep-vs-codeql-vs-seqra"
+      }
+    ],
+    "reviews": null,
+    "demos": null,
+    "wrapper": null
+  },
   "sh": {
     "name": "sh",
     "categories": [
