airflow-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kaxil Naik <kaxiln...@gmail.com>
Subject Re: Enable LGTM on the repository
Date Tue, 20 Aug 2019 11:18:01 GMT
The tool looks good. It also shows when this error was introduced and more
debug information.

[image: image.png]

+1 from my side to integrate it

On Tue, Aug 20, 2019 at 11:49 AM Ash Berlin-Taylor <ash@apache.org> wrote:

> Interesting!
>
> One or two of the rules we'd probably want to ignore (`Module 'airflow' is
> imported with both 'import' and 'import from'`) and possibly the cycle one,
> but some of them certainly look like bugs/errors that should be fixed.
>
> > On 20 Aug 2019, at 10:00, Driesprong, Fokko <fokko@driesprong.frl>
> wrote:
> >
> > Hi all,
> >
> > I recently bumped into LGTM <https://github.com/marketplace/lgtm>, an
> > automated vulnerability checker. Besides that, it also analyzes general
> > code quality. I think it would be nice to enable this on Airflow as
> > well. LGTM automatically runs 1600+ standard analyses contributed by
> > researchers from the Semmle Security Research Team and our customer
> > community, including Microsoft, Google, Uber, and Mozilla.
> >
> > Right now it doesn't look so great:
> > https://lgtm.com/projects/g/apache/airflow/alerts/?mode=list
> >
> > Please note that this is both Javascript and Python, for Airflow I would
> > only look at the latter.
> >
> > I'm still experimenting with it on my personal repo, but would like to
> get
> > your opinion on it.
> >
> > Cheers, Fokko
>
>

Mime
  • Unnamed multipart/related (inline, None, 0 bytes)
View raw message