envoyproxy/envoy
GitHub で見るApply CodeQL/LGTM/Semmle static analysis to Envoy code base
Open
#9,485 opened on 2019年12月26日
area/securityhelp wanted
Repository metrics
- Stars
- (27,997 stars)
- PR merge metrics
- (平均マージ 8d) (30d で 378 merged PRs)
説明
GitHub now has CodeQL for OSS projects (https://securitylab.github.com/tools/codeql). This is Semmle (lgtm.com), a fairly powerful static analysis tool. We should look at setting this up for Envoy, analyzing reports and adding custom queries.