Zoncolan: How Facebook uses static analysis to detect, prevent security issues(engineering.fb.com)
engineering.fb.com
Zoncolan: How Facebook uses static analysis to detect, prevent security issues
https://engineering.fb.com/security/zoncolan/
2 comments
Does this happen to use SPARTA (https://github.com/facebookincubator/SPARTA) for its abstract interpretation?
Zoncolan and SPARTA both use abstract interpretation at their core, but as far as the code/implementation goes they are mostly unrelated. Zoncolan is built on top of the Hack type checker (https://hacklang.org/), which means that it's largely written in OCaml.