envoyproxy/envoy
在 GitHub 查看Apply CodeQL/LGTM/Semmle static analysis to Envoy code base
Open
#9,485 建立於 2019年12月26日
area/securityhelp wanted
倉庫指標
- Star
- (27,997 star)
- PR 合併指標
- (平均合併 8天) (30 天內合併 378 個 PR)
描述
GitHub now has CodeQL for OSS projects (https://securitylab.github.com/tools/codeql). This is Semmle (lgtm.com), a fairly powerful static analysis tool. We should look at setting this up for Envoy, analyzing reports and adding custom queries.