Interesting! One or two of the rules we'd probably want to ignore (`Module 'airflow' is imported with both 'import' and 'import from'`) and possibly the cycle one, but some of them certainly look like bugs/errors that should be fixed.
> On 20 Aug 2019, at 10:00, Driesprong, Fokko <fo...@driesprong.frl> wrote: > > Hi all, > > I recently bumped into LGTM <https://github.com/marketplace/lgtm>, an > automated vulnerability checker. Besides that, it also analyzes general > code quality. I think it would be nice to enable this on Airflow as > well. LGTM automatically runs 1600+ standard analyses contributed by > researchers from the Semmle Security Research Team and our customer > community, including Microsoft, Google, Uber, and Mozilla. > > Right now it doesn't look so great: > https://lgtm.com/projects/g/apache/airflow/alerts/?mode=list > > Please note that this is both Javascript and Python, for Airflow I would > only look at the latter. > > I'm still experimenting with it on my personal repo, but would like to get > your opinion on it. > > Cheers, Fokko