Today the OpenChain Project is releasing a community contribution from Ibrahim Haddad covering metrics that can be applied to evaluate source code scanning tools. This is a timely topic, given the amount of discussion around our global community around automation, and the initial release of this document is intended to encourage discussion about what a final, official OpenChain reference document could contain.
Get this guide and many more documents in the OpenChain Reference Library: https://github.com/OpenChain-Project/Reference-Material