Static Code Analysis

We use the following static code analysis tools:

  • golangci-lint and eslint for compile time linting
  • codecov.io - for code coverage
  • snyk.io - for image scanning
  • sonarcloud.io - for code scans and security alerts

These are at least run daily or on each pull request.