Skip to content
  • Gaël Bonithon's avatar
    ci: Add static analysis jobs · 8bf2175d
    Gaël Bonithon authored
    This requires extra effort on the part of maintainers, and is therefore
    disabled by default. To activate these jobs, you need to add the CI/CD
    variables GCC_ANALYZER and/or SCAN_BUILD to each project.
    
    These static analysis tools are quite prone to false positives, so for
    these jobs to be useful, it seems the right approach is to not allow
    them to fail and maintain false positive files (otherwise we risk
    getting used to seeing them fail and simply not paying attention). How
    to fill in these files is indicated in the comments.
    
    As we only change software versions every two years in CI, the extra
    maintenance effort should be quite small though, once the first warnings
    have been fixed or ignored. The fact remains, however, that their
    analysis can be more tortuous and time-consuming than that of simple
    compiler warnings.
    
    Also, the list of warnings not to be turned into errors for the gcc
    analyzer will need to be updated every time we change version, i.e.
    again every two years (ot...
    8bf2175d