Adding static analysis with PVS-Studio #2061

Merged
merged 9 commits into from
Feb 6, 2022

@piponazo (Collaborator) commented Jan 27, 2022

In the middle of 2021 I got a free license for PVS-Studio so that we can use it to detect defects in the codebase:

https://pvs-studio.com/en/order/open-source-license/

In this PR I will try to add the automatic execution of this static analyser into our CI pipeline.

Note that this is just storing the result of the static analysis as an artifact in the GitHub Actions page. Example:
https://github.com/Exiv2/exiv2/actions/runs/1757710199

However, we are not blocking PRs in case of emerging new defects detected by the tool. I can try to investigate that in a following PR.

codecov bot commented Jan 27, 2022

Codecov Report

Merging #2061 (4746bb4) into main (fde0f9e) will decrease coverage by 0.21%.
The diff coverage is n/a.


@@            Coverage Diff             @@
##             main    #2061      +/-   ##
==========================================
- Coverage   62.04%   61.82%   -0.22%     
==========================================
  Files          96       96              
  Lines       19194    19098      -96     
  Branches     9833     9817      -16     
==========================================
- Hits        11909    11808     -101     
- Misses       4978     4995      +17     
+ Partials     2307     2295      -12     
| Impacted Files | Coverage Δ |
| --- | --- |
| src/types.cpp | 87.77% <ø> (-0.06%) ⬇️ |
| src/safe_op.hpp | 69.23% <0.00%> (-27.65%) ⬇️ |
| include/exiv2/slice.hpp | 69.64% <0.00%> (-21.89%) ⬇️ |
| include/exiv2/error.hpp | 60.71% <0.00%> (-4.81%) ⬇️ |
| src/utils.cpp | 38.46% <0.00%> (-1.93%) ⬇️ |
| include/exiv2/value.hpp | 82.96% <0.00%> (-0.55%) ⬇️ |
| src/enforce.hpp | 75.00% <0.00%> (+2.77%) ⬆️ |
| src/getopt.cpp | 67.30% <0.00%> (+5.76%) ⬆️ |
| include/exiv2/metadatum.hpp | 88.88% <0.00%> (+16.16%) ⬆️ |

Legend: Δ = absolute <relative> (impact), ø = not affected, ? = missing data

@hassec (Member) commented Feb 4, 2022

> However, we are not blocking PRs in case of emerging new defects detected by the tool. I can try to investigate that in a following PR.

Also not for this MR, but maybe with the above to-do: is there any way we can display the results somewhere without having to download the artifact?

@hassec (Member) previously approved these changes Feb 4, 2022

LGTM 👍

@piponazo (Collaborator, Author) commented Feb 5, 2022

> Also not for this MR, but maybe with the above to-do: is there any way we can display the results somewhere without having to download the artifact?

I have added a new issue describing some of the improvements we could do regarding PVS-Studio: #2074. Hopefully somebody will tackle those things at some point 😉

@hassec (Member) left a comment

LGTM 👍

@piponazo piponazo merged commit b960918 into main Feb 6, 2022
@piponazo piponazo deleted the main_pvs branch February 6, 2022 17:52