[Rpm-maint] [rpm-software-management/rpm] RFE: run static code analysis in CI (#306)

Panu Matilainen notifications at github.com
Thu Sep 14 05:36:39 UTC 2017


> I can/will create an "rpm.org" project and run static analysis if there is sufficient interest. It just isn't that hard.
@n3npq: That'd be nice.

For the every-now-and-then use I've been making do with clang-analyzer. It might not be quite on the level of Coverity, but then I can run it locally without having to wade through terms-of-use and the like, which I remember finding somehow off-putting when I last looked at Coverity - many years ago, and it has probably changed a lot since. Anyway, clang-analyzer provides plenty of chatter to fill in the rainy days, and yeah, including dead assignments (clang jargon for set-but-unused).

Analysis on CI only makes sense if it can report just the new issues introduced by that commit, otherwise it's just a truckload of electronic waste. IIRC (from another project) Coverity can do that, and also permits marking false positives as such.

https://github.com/rpm-software-management/rpm/issues/306#issuecomment-329378698