jacobdomagala / staticanalysis Goto Github PK
View Code? Open in Web Editor NEWGitHub action performs static analysis on C++/Python code, flags issues, and posts comments directly on PRs.
License: MIT License
GitHub action performs static analysis on C++/Python code, flags issues, and posts comments directly on PRs.
License: MIT License
Is it possible to specify custom build directory?
This would be super useful when binaryDir
tag is set in CMakePresets (https://cmake.org/cmake/help/latest/manual/cmake-presets.7.html)
I want to use it in the Archlinux system, how do it?
Currently we run CI workflows on pull_request basis, make them run on push as well
Write more unittests for most important functions
Currently the action will run clang-tidy/Cppcheck on entire codebase, add option to only run it on changes introduced by given Pull Request.
Some data in README might be outdated.
For a medium project running clang-tidy as one process can lead to long waiting times (3 hours for example). I think this can be sped up with run-clang-tidy -j $(nproc)
My current project does not use CMake to build a makefile. Instead, we write the makefile since it's pretty complex. Is there a possibility of using make projects directly ?
I can execute cppcheck
and clang-tidy
to generate XML
outputs. Can you add an option to parse the XML
?
Cppcheck command seems to not be working correctly
Initially TestAction
workflow was created to run with PullRequests. With recent changes (now runs on push as well) this action needs to be updated
It would be nice if StaticAnalysis would work with other actions as well as PR. I'm trying out SA and want to repeatedly trigger it while I make changes to the configuraton. Either push
or manual triggers would help during setup.
I think there is an issue in entrypoint.sh
with files_to_check
, affecting debug_print
and eval clang-tidy-12...
.
The problem shows up when trying to run clang-tidy
over mutliple files and seems to be related to how get_files_to_check.py
output is split when setting files_to_check
. Everything works as expected for a single source file.
I have created a minimal failing case. Let me know if I can add any more information.
Right now cppckech uses hardcoded args:
--enable=all --suppress=missingInclude --inline-suppr --inconclusive
Allow the user to pass the args in GitHub action
Update all packages to newer version. Also consider using Ubuntu 22.10
Currently get_files_to_check.py
is gathering the source files from compile_commands.json
, but since that file only contains .cpp files, the clang-tidy is not checking header files.
Using something like following doesn't work:
cmake_args: >
-D CMAKE_BUILD_TYPE="DEBUG"
-D Trilinos_ENABLE_ALL_PACKAGES=ON
-D Trilinos_ENABLE_ALL_OPTIONAL_PACKAGES=ON
-D Trilinos_ALLOW_NO_PACKAGES=ON
-D Trilinos_DISABLE_ENABLED_FORWARD_DEP_PACKAGES=ON
-D Trilinos_IGNORE_MISSING_EXTRA_REPOSITORIES=ON
-D Trilinos_ENABLE_TESTS=ON
-D Trilinos_TEST_CATEGORIES=BASIC
-D Trilinos_ENABLE_ALL_FORWARD_DEP_PACKAGES=ON
-D Trilinos_VERBOSE_CONFIGURE=OFF
-D BUILD_SHARED_LIBS:BOOL=ON
-D Trilinos_WARNINGS_AS_ERRORS_FLAGS="-Wno-error"
-D Trilinos_ENABLE_SEACAS=OFF
-D Trilinos_ENABLE_Sacado=OFF
-D TPL_ENABLE_BLAS=ON
-D TPL_ENABLE_LAPACK=ON
-D TPL_ENABLE_CUDA=OFF
-D TPL_ENABLE_Matio=OFF
-D TPL_ENABLE_X11=OFF
-D TPL_ENABLE_Pthread=OFF
-D TPL_ENABLE_Boost=OFF
-D TPL_ENABLE_BoostLib=OFF
-D TPL_ENABLE_ParMETIS=OFF
-D TPL_ENABLE_Zlib=OFF
-D TPL_ENABLE_HDF5=OFF
-D TPL_ENABLE_Netcdf=OFF
-D TPL_ENABLE_SuperLU=OFF
-D TPL_ENABLE_Scotch=OFF
-D TPL_ENABLE_MPI=ON
-D Trilinos_ENABLE_Rythmos=OFF
-D Trilinos_ENABLE_Pike=OFF
-D Trilinos_ENABLE_Komplex=OFF
-D Trilinos_ENABLE_TriKota=OFF
-D Trilinos_ENABLE_Moertel=OFF
-D Trilinos_ENABLE_Domi=OFF
-D Trilinos_ENABLE_FEI=OFF
-D Trilinos_ENABLE_PyTrilinos=OFF
-D Trilinos_ENABLE_Epetra=OFF
We need to evaluate the cmake_args
input
What needs to be done:
TestRepo
to contain proper code base and run a proper test there (dispatch workflow?)Currently notes from cppcheck are present in separate comments, we should aggregate them into single one with corresponding warning/error
I would like to add StaticAnalysis as an Action to run on PR in a public repository (see p-ranav/argparse#148 (comment)). Is this possible?
The PR log seems to say that the action does not have permission to write to the repo to add a comment.
Hello,
this action is exactly what I searched for.
However I see no way to add dependency packages.
(E.g. my project needs the libhidapi-dev Ubuntu package).
Any way to easily add this?
Also you probably should publish the source of your main Dockerfile (https://hub.docker.com/r/jdomagala/static_analysis).
With the last change to support different missing packages, I get this trace
+ python3 /run_static_analysis.py -cc cppcheck.txt -ct clang_tidy.txt
Traceback (most recent call last):
Changed files 32
File "/run_static_analysis.py", line 231, in <module>
files_changed_in_pr_in = setup_changed_files()
File "/run_static_analysis.py", line 84, in setup_changed_files
lines_changed_for_file = get_lines_changed_from_patch(file.patch)
File "/run_static_analysis.py", line 60, in get_lines_changed_from_patch
idx_end = line[idx_beg:].index(",")
ValueError: substring not found
Currently we're using Ubuntu 21.04 with clang-tidy-12 and cppcheck 2.5. Let's update it to Ubuntu 22.04/clang-tidy-14 and cppcheck 2.8
After changes to clang-12 (and not using run-clang-tidy script), exclude dir is not working
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.