Kotlin (Beta)

This article shows you how to analyze your applications which are written in Kotlin using NG SAST. It assumes that you have already set up and authenticated with ShiftLeft.



  • Only supports the analysis of Android applications written in Kotlin using SDK versions 24 to 30.
  • Requires a build environment with at least 16 GB of memory available.
  • Utilizes Java SE Runtime Environment 8; if necessary, you can install this by running sl update jre.

NG SAST for Kotlin runs on source code and does NOT require the target project to be built beforehand.

Analyzing Your Kotlin Application

To analyze your Kotlin application, run:

sl analyze --app <name> --kotlin [<path>]
--app <name>The name of the application to be analyzed
--kotlinThe flag identifying the application's language
<path>The location of the application's parent source directory

See the CLI reference for additional sl analyze options.

If you would like to use NG SAST to scan non-Android applications written in Kotlin (i.e., backend services) or applications written in both Java and Kotlin, please contact ShiftLeft's customer support team for further assistance.