Open dankitan opened 4 years ago
Here you have:
Also, do not forget to scan third-party dependencies:
If you have any issues using them just bring me a coke and I will help you.
Hey!
We are working on the same thing and this is what we use:
1 - Gradle lint, because our application includes Android compilation. We use GitHub Actions to perform this test on each push we make.
2 - Buddy.Works (https://buddy.works/) to integrate easy pipelines, but we found a problem looking for the Application callback URL. We don't recommend this because there are other options that provide the same.
3 - Snyk: it detects dependency files (package.json and build.gradle in our case) and checks for known vulnerabilities.
4 - LGTM and SonarCloud, as Carlos says; we are working on it.
5 - Greenkeeper (https://greenkeeper.io/)
Hope it helps!
Hi everyone!
We would like to integrate code analyzers checkers in our project. Would anyone like to help us?
Thanks in advance. Greets. KM11