[Replicant] static analysis tools

Fil Lupin fillupin at protonmail.com
Thu Mar 19 16:56:04 UTC 2020


Hi,
following my answer
https://lists.osuosl.org/pipermail/replicant/2020-March/002617.html, I think some tools could be useful to automate some tests, in order to focus on complex checks.
These tools exist for several languages (https://en.wikipedia.org/wiki/List_of_tools_for_static_code_analysis#C,_C++):

- python : I realize flake8 is MIT (sorry), but other tools could be used, like pylint (https://github.com/pycqa/pylint), which is GPLv2, and bandit (https://github.com/PyCQA/bandit), which is Apache
- shell : shellcheck (https://www.shellcheck.net/) GPLv3
- C : in addition to the flag -Wall, cppcheck (http://cppcheck.sourceforge.net/) GPLv3, Frama-C (https://frama-c.com/download.html) GPLv2, splint (https://github.com/splintchecker/splint) GPLv2

They can be used via a prehook added by each user (I use hg, but git also allows this behaviour) or even added to continuous integration if the project decides it's worth it.

However, licenses should be double-checked.

- Fil Lupin.
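
As an added illustration of the per-user hook idea in the message above (not part of the original post or of Replicant's own tooling): a git pre-commit hook that sends each staged file to the analyzers named there. The function names and the choice of flags are assumptions of this example.

```shell
#!/bin/sh
# Added example: save as .git/hooks/pre-commit and make it executable.
# Analyzers that are not installed are skipped with a warning, so each
# contributor can adopt the tools gradually.

# Map a path to its analyzer commands, one per line (hypothetical helper).
checkers_for() {
    case "$1" in
        *.py)    printf '%s\n' 'pylint --errors-only' 'bandit -q' ;;
        *.sh)    printf '%s\n' 'shellcheck' ;;
        *.c|*.h) printf '%s\n' 'cppcheck --quiet --error-exitcode=1' ;;
    esac
}

# Run every installed analyzer on one file; non-zero if any of them reports.
check_file() {
    file=$1
    status=0
    while IFS= read -r cmd; do
        [ -n "$cmd" ] || continue
        tool=${cmd%% *}
        if ! command -v "$tool" >/dev/null 2>&1; then
            echo "pre-commit: $tool not installed, skipping $file" >&2
            continue
        fi
        # $cmd is deliberately unquoted so it splits into tool + flags.
        $cmd "$file" </dev/null || status=1
    done <<EOF
$(checkers_for "$file")
EOF
    return "$status"
}

# Check added/copied/modified staged files. Note: the working-tree copy is
# analyzed, which can differ from the staged content after a partial "git add".
main() {
    git diff --cached --name-only --diff-filter=ACM | {
        failed=0
        while IFS= read -r f; do
            check_file "$f" || failed=1
        done
        [ "$failed" -eq 0 ] || echo "pre-commit: analysis failed, commit aborted" >&2
        exit "$failed"
    }
}

# Only act when installed under the hook name, so the file can be sourced safely.
case "${0##*/}" in pre-commit) main ;; esac
```

A failing analyzer makes the hook exit non-zero, which aborts the commit; the same `check_file` function can be reused from a continuous integration job.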