Most Clojure classes cannot be decompiled to Java (locals clearing is all
over it and has no Java equivalent, just as one problem, there are others).
Some people have tried this with Fortify and other bytecode oriented
scanners but I don't know of anyone that's gotten any results that were
usef
Reviving an old topic here, does anyone know of a Clojure 1.10 compatible
security analysis tool? I too thought of just decompiling the .class to
Java. It also appears Fortify can run on bytecode only, so I might give
that a try if I can't find anything else.
Regards
On Wednesday, 21 October 2
In general, Clojure code cannot be decompiled from .class to .java as the
Clojure generated bytecode does things that cannot be represented in Java.
The particular issue below looks like the local-clearing code. It is
possible to turn that off during compilation, however there are likely
other
Maybe you can found the answer here http://stackoverflow.com/a/6590437
Regards.
Andrey
On Wed, Oct 21, 2015 at 11:35 PM, ryan medlin
wrote:
> A customer requires that we scan our clojure projects with this tool:
>
> http://www8.hp.com/us/en/software-solutions/static-code-analysis-sast/
>
>
> Th
