While we are at it, here are some more useful warning flags I have used: https://github.com/cpp-best-practices/cppbestpractices/blob/.... Some C++-only though, some are a bit opinionated (like -Wsign-conversion) and some useful C-only flags might be missing.
Few C-specific references I found just now, but haven't tried myself yet:
Also a good idea to regularly run the program with sanitizers, using them in tests is a good way to do that I think. Why not during development as well if the performance is acceptable for that specific program.