Tools

LGTM

NOT ON THE CURRENT EDITION
This blip is not on the current edition of the Radar. If it was on one of the last few editions it is likely that it is still relevant. If the blip is older it might no longer be relevant and our assessment might be different today. Unfortunately, we simply don't have the bandwidth to continuously review blips from previous editions of the Radar.
Published: Oct 28, 2020
Assess

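Writing secure code is important, but developers have many other things to consider and cannot spend all their time on it. LGTM gives developers a safety net and also serves as a knowledge base of secure coding practices. It is a security-focused static code analysis tool that implements secure coding rules (some of them open source) in the CodeQL query language. LGTM supports Java, Go, JavaScript, Python, C# and C/C++, and can integrate white-box security checks into a continuous integration pipeline. Both LGTM and CodeQL come from GitHub Security Lab.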