SonarCloud is a popular tool that automatically finds bugs and vulnerabilities in the pull requests of your GitHub repositories.
No more frustrations: whatever programming language or technology you're using, this tool works with more than 20 languages, including Java, JS, C#, C/C++, Objective-C, TypeScript, and Python.
SonarCloud can be downloaded and installed for free as an amazing extension with Visual Code: https://marketplace.visualstudio.com/items?itemName=SonarSource.sonarcloud

It provides instant insights on code quality (code smells), bugs, duplications, and vulnerabilities, and saves you hours of code refactoring.

Website: https://sonarcloud.io