Is anyone in the OpenStack community using automated tools to perform code 
analysis?

If not, are you familiar with such tools that will work with Python? We're 
specifically interested in tools that can be used to provide rapid feedback to 
developers about potentially dangerous code (for example, SQL statements that 
are not scrubbed, query strings that are not properly validated). I've used 
such tools in the past for PHP and other languages, but I'm kind of at a loss 
when it comes to Python.

What we'd really like to see is for someone to pick up the "security" task and 
run with it, with regular penetration testing and detailed analytics so that we 
can ensure that OpenStack products are reliably secure. Automated code testing 
is an early step in that process.


_______________________________________________
Mailing list: https://launchpad.net/~openstack
Post to     : openstack@lists.launchpad.net
Unsubscribe : https://launchpad.net/~openstack
More help   : https://help.launchpad.net/ListHelp
