envoyproxy/envoy

Apply CodeQL/LGTM/Semmle static analysis to Envoy code base

Open

#9.485 geöffnet am 26. Dez. 2019

Auf GitHub ansehen
 (6 Kommentare) (0 Reaktionen) (0 zugewiesene Personen)C++ (5.373 Forks)batch import
area/securityhelp wanted

Repository-Metriken

Stars
 (27.997 Stars)
PR-Merge-Metriken
 (Durchschn. Merge 8T) (378 gemergte PRs in 30 T)

Beschreibung

GitHub now has CodeQL for OSS projects (https://securitylab.github.com/tools/codeql). This is Semmle (lgtm.com), a fairly powerful static analysis tool. We should look at setting this up for Envoy, analyzing reports and adding custom queries.

Contributor Guide