hi @robsierra and welcome to this community!
do you mean RAM or disk?
I wrote a brief overview of how our .NET analysis works. Feel free to ask more questions if you want.
The analysis is (mostly) done during the build because for .NET, our analyzers are Roslyn analyzers (.NET Compiler Platform). They are invoked by MSBuild during compilation. Our advanced vulnerability analysis is done separately, after the build (but most of the analysis is done during the build).
We do have Automatic Analysis for some languages (check the list here), but not for .NET.
I suggest that we focus on this part, and see if there’s any improvement that you can make on your side, or if we can learn about specific performance bottle-necks that manifest on your code base.
To see which rules take the most time during your build, it would help to run the build in verbose mode.
First run the scanner begin command (to reproduce locally) - check the scanner for .net docs.
Then run the build in verbose mode with reportanalyzer set to true
dotnet build ... -v:d -p:reportanalyzer=true > build_logs.txt
And then
select-string -path "build_logs.txt" -pattern "NOTE: Elapsed time may be less than analyzer execution time because analyzers can run concurrently." -Context 1,100 > analyzer_times.txt
And share with us the analyzer_times.txt . If you don’t to share them publicly here, I can send you a private message.
Thanks,
Andrei