As a response to CVE-2021-42574, aka Trojan Source [0], several clang-tidy passes are under review to detect (i) unterminated bidi characters (ii) unicode identifiers with right-to-left direction and (iii) confusable identifiers detections. The LLVM security group got contacted three months ago on that topic, the thread is now public [1]. Feel free to contribute to the review on Phabricator https://reviews.llvm.org/D112913 https://reviews.llvm.org/D112914 https://reviews.llvm.org/D112916 [0] https://www.trojansource.codes/ [1] https://bugs.chromium.org/p/llvm/issues/detail?id=11 -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20211101/5ddc94e4/attachment.html>