Coverity offers a wonderful free static code analysis tool for C++, C# and Java open-source projects. It is very easy to automate submissions to Coverity Scan for code analysis - I just spent about 15 minutes today (not including build time) setting up the GNU C Library (glibc) in Coverity Scan. We should create a CI job that submits results to Coverity Scan to improve the overall quality of the codebase. This is a low-effort, high-reward improvement.
If you want to see why this is so powerful, please review the Coverity Scan project for the GNU C Library (glibc), something we all use every day: