Ask HN: Static Code Analysis Tools
2 by psnosignaluk | 0 comments on Hacker News.
Good day HN,

I'm on the lookout for static analysis tooling to apply to our toolchain, preferably at code review time. I thought it a good idea to ask the community here. A hosted solution would suit us well, as we try to focus internal engineering and maintenance efforts on our core platform (Kubernetes) and our code.

We utilise GitHub for all of our repositories and have review policies implemented whereby at least 1 approval must be granted for a PR to be merged. I'd like to insert static analysis at this point so that vulnerabilities etc. can be fixed before code is merged into the mainline.

To complete the picture, once code is merged, it is picked up by Bamboo, fresh distroless images are built and the code deployed throughout dev/stage/sandbox/production.

I look forward to your recommendations. Thanks and regards!
