Skip to main content

Redpoint and Sequoia are backing a startup to copy edit your shit code

Code is the lifeblood of the modern world, yet the tooling for some programming environments can be remarkably spartan. While developers have long had access to graphical programming environments (IDEs) and performance profilers and debuggers, advanced products to analyze and improve lines of code have been harder to find.

These days, the most typical tool in the kit is a linter, which scans through code pointing out flaws that might cause issues. For instance, there might be too many spaces on a line, or a particular line might have a well-known ambiguity that could cause bugs that are hard to diagnose and would best be avoided.

What if we could expand the power of linters to do a lot more though? What if programmers had an assistant that could analyze their code and actively point out new security issues, erroneous code, style problems, and bad logic?

Static code analysis is a whole interesting branch of computer science, and some of those ideas have trickled into the real-world with tools like semgrep, which was developed at Facebook to add more robust code-checking tools to its developer workflow. Semgrep is an open-source project, and it’s being commercialized through r2c, a startup that wants to bring the power of this tool to the developer masses.

The whole project has found enough traction among developers that Satish Dharmaraj at Redpoint and Jim Goetz at Sequoia teamed up to pour $13 million into the company for its Series A round, and also backed the company in an earlier, unannounced seed round.

The company was founded by three MIT grads — CEO Isaac Evans and Drew Dennison were roommates in college, and they joined up with head of product Luke O’Malley. Across their various experiences, they have worked at Palantir, the intelligence community, and Fortune 500 companies, and when Evans and Dennison were EIRs at Redpoint, they explored ideas based on what they had seen in their wide-ranging coding experiences.

r2c’s team, which I assume only writes bug-free code. Photo by r2c.

“Facebook, Apple, and Amazon are so far ahead when it comes to what they do at the code level to bake security [into their products compared to] other companies, it’s really not even funny,” Evans explained. The big tech companies have massively scaled their coding infrastructure to ensure uniform coding standards, but few others have access to the talent or technology to be on an equal playing field. Through r2c and semgrep, the founders want to close the gap.

With r2c’s technology, developers can scan their codebases on-demand or enforce a regular code check through their continuous integration platform. The company provides its own template rulesets (“rule packs”) to check for issues like security holes, complicated errors, and other potential bugs, and developers and companies can add their own custom rulesets to enforce their own standards. Currently, r2c supports eight programming languages including Javascript and Python and a variety of frameworks, and it is actively working on more compatibility.

One unique focus for r2c has been getting developers onboard with the model. The core technology remains open-sourced. Evans said that “if you actually want something that’s going to get broad developer adoption, it has to be predominantly open source so that developers can actually mess with it and hack on it and see whether or not it’s valuable without having to worry about some kind of super restrictive license.”

Beyond its model, the key has been getting developers to actually use the tool. No one likes bugs, and no developer wants to find more bugs that they have to fix. With semgrep and r2c though, developers can get much more immediate and comprehensive feedback — helping them fix tricky errors before they move on and forget the context of what they were engineering.

“I think one of the coolest things for us is that none of the existing tools in the space have ever been adopted by developers, but for us, it’s about 50/50 developer teams who are getting excited about it versus security teams getting excited about it,” Evans said. Developers hate finding more bugs, but they also hate writing them in the first place. Evans notes that the company’s key metric is the number of bugs found that are actually fixed by developers, indicating that they are offering “good, actionable results” through the product. One area that r2c has explored is actively patching obvious bugs, saving developers time.

Breaches, errors and downtime are a bedrock of software, but it doesn’t have to be that way. With more than a dozen employees and a hefty pool of capital, r2c hopes to improve the reliability of all the experiences we enjoy — and save developers time in the process.



from TechCrunch https://ift.tt/3eejXyP
via IFTTT
Labels:

Comments

Post a Comment

Popular posts from this blog

The Silent Revolution of On-Device AI: Why the Cloud Is No Longer King

Introduction For years, artificial intelligence has meant one thing: the cloud. Whether you’re asking ChatGPT a question, editing a photo with AI tools, or getting recommendations on Netflix — those decisions happen on distant servers, not your device. But that’s changing. Thanks to major advances in silicon, model compression, and memory architecture, AI is quietly migrating from giant data centres to the palm of your hand. Your phone, your laptop, your smartwatch — all are becoming AI engines in their own right. It’s a shift that redefines not just how AI works, but who controls it, how private it is, and what it can do for you. This article explores the rise of on-device AI — how it works, why it matters, and why the cloud’s days as the centre of the AI universe might be numbered. What Is On-Device AI? On-device AI refers to machine learning models that run locally on your smartphone, tablet, laptop, or edge device — without needing constant access to the cloud. In practi...
1 comment
Read more

Apple’s AI Push: Everything We Know About Apple Intelligence So Far

Apple’s WWDC 2025 confirmed what many suspected: Apple is finally making a serious leap into artificial intelligence. Dubbed “Apple Intelligence,” the suite of AI-powered tools, enhancements, and integrations marks the company’s biggest software evolution in a decade. But unlike competitors racing to plug AI into everything, Apple is taking a slower, more deliberate approach — one rooted in privacy, on-device processing, and ecosystem synergy. If you’re wondering what Apple Intelligence actually is, how it works, and what it means for your iPhone, iPad, or Mac, you’re in the right place. This article breaks it all down.   What Is Apple Intelligence? Let’s get the terminology clear first. Apple Intelligence isn’t a product — it’s a platform. It’s not just a chatbot. It’s a system-wide integration of generative AI, machine learning, and personal context awareness, embedded across Apple’s OS platforms. Think of it as a foundational AI layer stitched into iOS 18, iPadOS 18, and m...
Post a Comment
Read more

Max Q: Psyche(d)

In this issue: SpaceX launches NASA asteroid mission, news from Relativity Space and more. © 2023 TechCrunch. All rights reserved. For personal use only. from TechCrunch https://ift.tt/h6Kjrde via IFTTT
Post a Comment
Read more