Hi all,
My colleague Malcolm copied me in on this thread. Full disclosure: we're
part of the team behind lgtm.com.
Glad to hear that you guys like lgtm.com and the results we report for
Ignite! We've only launched recently and are seeing a really quick
growth in the number of users from the open-source community. We
continuously analyse every revision of more than 50k open-source
projects, including most ASF projects. You may recall the Apache Struts
vulnerability that was announced last week — the lgtm.com security team
found that result and worked with the project maintainers to fix it and
disclose it responsibly. Here's a technical write-up by my colleague Mo
who found the vulnerability:
https://lgtm.com/blog/apache_struts_CVE-2017-9805
Because we've only just launched, we're really keen to hear feedback
from early adopters from the open-source community. Please let us know
what you like and what you don't like so we can improve lgtm.com! We're
particularly keen to hear feedback on the automated code review for pull
requests — you can set it up here:
https://lgtm.com/projects/g/apache/ignite/ci/
To give you an idea of what it looks like: our friends at NASA are using
it for a couple of their open-source projects on GitHub. Here's an
example of a PR: https://github.com/Open-MBEE/mdk/pull/105.
Anyway — I hope lgtm.com will be useful to you. Any questions/comments:
let me know.
Cheers,
Bas
