envoyproxy/envoy
Ver no GitHubApply CodeQL/LGTM/Semmle static analysis to Envoy code base
Open
#9.485 aberto em 26 de dez. de 2019
area/securityhelp wanted
Métricas do repositório
- Stars
- (27.997 stars)
- Métricas de merge de PR
- (Mesclagem média 8d) (378 fundiu PRs em 30d)
Description
GitHub now has CodeQL for OSS projects (https://securitylab.github.com/tools/codeql). This is Semmle (lgtm.com), a fairly powerful static analysis tool. We should look at setting this up for Envoy, analyzing reports and adding custom queries.