Yes we use the highest possible levels on clang gcc and level 4 for msvc (the max is mental and MS code does not pass). You can see the flags here https://github.com/dirvine/MaidSafe-Common/blob/master/common_flags.cmake
Importantly we also have sanitiser runs built in so if your compiler supports ubsan it is on by default. You can also pass -DCMAKE_BUILD_TYPE=Tsan or Msan or Asan and get the relevant sanitiser run (these all passing is a terrific sign of code quality).
In addition we treat all warnings as errors and stop the compile until a dev fixes the warning. This seems harsh but in fact saves a tone of silly mistakes creeping in. This means all compiles should be clean and warning free.
No third party code we have used is this pedantic and we turn down these checks for cryptopp/boost/gtest etc. given time we would patch all these to the same level at least and one day I would hope we can or sponsor people to do hat.
This is all great and is acceptable for me anyway, it does not, however, fix any logic errors in fundamental algorithms, for that we use code review and I am very focused on less code, very few raw loops and get the core algorithm correct, so when there are a bunch of ifs and loops it is treated as bad code in need of refactor, whether it passes tests or not.
We are almost complete automating jenkins/github integration for automatic cross platform runs of tests and sanitisers etc. The Qa guys are looking at baseline and checking coverage to ensure at least coverage is maintained per commit of code, again not a silver bullet but on way.