Hi guys, I want to introduce a code analysis service called lgtm[1] in the community. Recently, in the Kylin community, I found it in my colleague's PR.[2]
lgtm is a code analysis platform for finding zero-days and preventing critical vulnerabilities. Some features listed here (copied from its official website): [1] - Unparalleled security analysis; - Automated code review - Free for open source We can see that it can be integrated with Github[3] and exist in the form of a robot triggered by a git hook.[2] With the development of the community, more and more people participate in the development of the community, and the workload of the code review has become more onerous. Introducing it, we can use some of the existing automated scanning and analysis capabilities to make up for the lack of knowledge or experience of the reviewer. WDYT? Any thoughts and opinions are welcome and appreciated! [1]: https://lgtm.com/ [2]: https://github.com/apache/kylin/pull/1596#issuecomment-788935493 [3]: https://github.com/marketplace/lgtm Best, Vino
