envoyproxy/envoy
Voir sur GitHubApply CodeQL/LGTM/Semmle static analysis to Envoy code base
Open
#9 485 ouverte le 26 déc. 2019
area/securityhelp wanted
Métriques du dépôt
- Stars
- (27 997 stars)
- Métriques de merge PR
- (Merge moyen 8j) (378 PRs mergées en 30 j)
Description
GitHub now has CodeQL for OSS projects (https://securitylab.github.com/tools/codeql). This is Semmle (lgtm.com), a fairly powerful static analysis tool. We should look at setting this up for Envoy, analyzing reports and adding custom queries.