Would it make sense to run analyzers like Infer or MyPy at build time? Maybe have something like --with-debug, so if there is an analyzer-log output, only then is Infer ran?
In theory these tools are more useful for developers, but it's still potentially useful to independently analyze our software for memory safety and other errors, but also the build might run in or target an environment the upstream developer didn't anticipate, for example when cross compiling, or it could just straight up be patched and not identical to whatever upstream verified as working. Could also just be used to scan our software for vulnerabilities. Anyways, just throwing this out there. I don't think it would have immediate benefits, but it could be nice in the long term.