Could Someone Give me Advice for Enhancing Static Code Analysis for Python in CI/CD Pipelines?

Hello there,

I have been integrating static code analysis into my CI/CD pipelines to ensure code quality and maintainability for our Python projects. While I have been using DeepSource for a while now and have seen great results, I am always on the lookout for ways to improve the process. I would love to hear how others are optimizing their static code analysis setup, particularly with Python in mind.

DeepSource integrated with GitHub, running checks on every pull request.
Ensuring code quality, detecting potential bugs, and enforcing coding standards.

Has anyone experimented with custom rules in DeepSource? What are some examples of custom rules that have been particularly effective for your Python projects?

Any tips on optimizing the runtime of DeepSource in CI/CD pipelines? Occasionally, the checks add noticeable time to our builds, and I am curious if there are ways to minimize this without sacrificing the thoroughness of the analysis.

Are there other tools or approaches you combine with DeepSource for static analysis? For instance, do you use any additional linters, security tools, or manual code review practices to catch things that DeepSource might miss?

What are some best practices for integrating DeepSource more deeply into the development workflow? How do you ensure that developers consistently follow through on fixing the issues flagged by the analysis?

Also, I have gone through this post, https://deepsource.com/blog/introduction-static-code-analysis-aws-devops/, which definitely helped me out a lot.

Thanks in advance for your help and assistance.