<div dir="ltr"><span class="gmail-line" style="white-space:pre-wrap;color:rgba(0,0,0,0.87);font-family:Roboto,Noto,sans-serif;font-size:13px">As a response to CVE-2021-42574, aka Trojan Source [0], several clang-tidy passes are under review to detect (i) unterminated bidi characters (ii) unicode identifiers with right-to-left direction and (iii) confusable identifiers detections.</span><br style="color:rgba(0,0,0,0.87);font-family:Roboto,Noto,sans-serif;font-size:13px"><br style="color:rgba(0,0,0,0.87);font-family:Roboto,Noto,sans-serif;font-size:13px"><span class="gmail-line" style="white-space:pre-wrap;color:rgba(0,0,0,0.87);font-family:Roboto,Noto,sans-serif;font-size:13px">The LLVM security group got contacted three months ago on that topic, the thread is now public [1].</span><br style="color:rgba(0,0,0,0.87);font-family:Roboto,Noto,sans-serif;font-size:13px"><br style="color:rgba(0,0,0,0.87);font-family:Roboto,Noto,sans-serif;font-size:13px"><span class="gmail-line" style="white-space:pre-wrap;color:rgba(0,0,0,0.87);font-family:Roboto,Noto,sans-serif;font-size:13px">Feel free to contribute to the review on Phabricator </span><br style="color:rgba(0,0,0,0.87);font-family:Roboto,Noto,sans-serif;font-size:13px"><br style="color:rgba(0,0,0,0.87);font-family:Roboto,Noto,sans-serif;font-size:13px"><a class="gmail-undefined" target="_blank" href="https://reviews.llvm.org/D112913" style="text-decoration-line:none;font-family:Roboto,Noto,sans-serif;font-size:13px">https://reviews.llvm.org/D112913</a><br style="color:rgba(0,0,0,0.87);font-family:Roboto,Noto,sans-serif;font-size:13px"><a class="gmail-undefined" target="_blank" href="https://reviews.llvm.org/D112914" style="text-decoration-line:none;font-family:Roboto,Noto,sans-serif;font-size:13px">https://reviews.llvm.org/D112914</a><br style="color:rgba(0,0,0,0.87);font-family:Roboto,Noto,sans-serif;font-size:13px"><a class="gmail-undefined" target="_blank" href="https://reviews.llvm.org/D112916" style="text-decoration-line:none;font-family:Roboto,Noto,sans-serif;font-size:13px">https://reviews.llvm.org/D112916</a><br style="color:rgba(0,0,0,0.87);font-family:Roboto,Noto,sans-serif;font-size:13px"><br style="color:rgba(0,0,0,0.87);font-family:Roboto,Noto,sans-serif;font-size:13px"><br style="color:rgba(0,0,0,0.87);font-family:Roboto,Noto,sans-serif;font-size:13px"><span class="gmail-line" style="white-space:pre-wrap;color:rgba(0,0,0,0.87);font-family:Roboto,Noto,sans-serif;font-size:13px">[0] </span><a class="gmail-undefined" target="_blank" href="https://www.trojansource.codes/" style="text-decoration-line:none;font-family:Roboto,Noto,sans-serif;font-size:13px">https://www.trojansource.codes/</a><br style="color:rgba(0,0,0,0.87);font-family:Roboto,Noto,sans-serif;font-size:13px"><span class="gmail-line" style="white-space:pre-wrap;color:rgba(0,0,0,0.87);font-family:Roboto,Noto,sans-serif;font-size:13px">[1] </span><a class="gmail-undefined" target="_blank" href="https://bugs.chromium.org/p/llvm/issues/detail?id=11" style="text-decoration-line:none;font-family:Roboto,Noto,sans-serif;font-size:13px">https://bugs.chromium.org/p/llvm/issues/detail?id=11</a><br></div>