* '''Custom static analyses''': We have a clang plugin with a number of Gecko-specific checks. There's terse documentation on the attributes we use to drive some of the checks [https://dxr.mozilla.org/mozilla-central/source/mfbt/Attributes.h#341 here]. Some checks are just good hygiene (e.g. MOZ_IMPLICIT), some checks exist to help you do the right thing (e.g. MOZ_MUST_OVERRIDE, MOZ_RAII, MOZ_MUST_USE), and some checks exist to prevent security bugs (e.g. MOZ_NON_MEMMOVABLE and related attributes). The checker currently runs on every push we do, on Windows, Mac, and Linux.
* '''[httphttps://wwwscan.coverity.com/ projects/firefox Coverity]''': runs their code checker on Firefox every couple of days and throws all the problems into a nicely searchable database.
== Old ==