[Printing-architecture] LGTM - FREE security scan for open source software

Ira McDonald blueroofmusic at gmail.com
Sat Nov 23 12:34:02 UTC 2019


Hi Till,

I think LGTM is supposed to be wired to projects (i.e., open source
repositories)
rather than individuals.  Mike may know more about this?

Cheers,
- Ira

Ira McDonald (Musician / Software Architect)
Co-Chair - TCG Trusted Mobility Solutions WG
Co-Chair - TCG Metadata Access Protocol SG
Chair - Linux Foundation Open Printing WG
Secretary - IEEE-ISTO Printer Working Group
Co-Chair - IEEE-ISTO PWG Internet Printing Protocol WG
IETF Designated Expert - IPP & Printer MIB
Blue Roof Music / High North Inc
http://sites.google.com/site/blueroofmusic
http://sites.google.com/site/highnorthinc
mailto: blueroofmusic at gmail.com
PO Box 221  Grand Marais, MI 49839  906-494-2434



On Fri, Nov 22, 2019 at 5:32 PM Till Kamppeter <till.kamppeter at gmail.com>
wrote:

> On 20/11/2019 21:41, Ira McDonald wrote:
> > Hi,
> >
> > As Mike Sweet reported, during today's PWG Virtual F2F meeting, the PWG
> > ippsample tools now use automated security scanning of updates by LGTM.
> >
> > Mike has been favorably impressed by the competence and professionalism
> > of the LGTM staff (e.g., when reporting false positives).
> >
> > I suggest that this is worth integrating into the CUPS Filters and GSoC
> > projects development processes as well.
> >
> > https://lgtm.com/
> >
> > WDYT?
>
> I have looked into it, too, and when doing investigations for the
> implementation
> of driverless IPP scanning I saw it in PWG's ippsample.
>
> Also, all the OpenPrinting projects are on GitHub now, so I think we
> should
> start to use it.
>
> Is it possible o create an organization account under lgtm, or
> organizations
> within an account, like in GitHub, where users can be added and removed?
> This
> way LGTM operation would not get hardwired to a single person.
>
>     Till
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/printing-architecture/attachments/20191123/15d0b96c/attachment.html>


More information about the Printing-architecture mailing list