v6.22.0
🌟 Highlights
Further enhancements to speed up the store procedure
After another round of optimizations, CodeChecker store is ~2 times faster than in v6.21.0. Combined with the previous release, storing may be as much as 4 times faster than v6.20.0, with larger result directories seeing a greater degree of improvement.
This should allow those that use CodeChecker in CI loops to see fewer timeouts due to long storages, or to lower timeout thresholds significantly.
Multiroot analysis
CodeChecker now supports an analysis mode where for each source file, it tries to find the closest compile_commands.json file up in the directory hierarchy starting from the source file.
If your project is structured such that multiple folders act as their own root folder (hence the name multiroot), CodeChecker should be able to support that out of the box. clangd and clang-tidy already work this way: https://clangd.llvm.org/installation.html#compile_commandsjson
This feature also affects the CodeChecker Visual Studio Code plugin, where analysis will be done on multiroot projects as well (Ericsson/CodecheckerVSCodePlugin#113).
Previously, the input of the analysis had to be a compilation database JSON file. This PR supports the following new CodeChecker analyze invocations, as long as a corresponding compilation database file is found:
# Analyze a single file.
CodeChecker analyze analyze.cpp -o reports
# Analyze all source files under a directory.
CodeChecker analyze my_project -o reports
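The lookup described above (and repeated under the #3815 entry further down), as an added example that is not taken from CodeChecker's implementation. The helper names, the suffix list and the `stop_at` bound, which keeps the upward walk from picking up a compile_commands.json outside the checkout, are assumptions of this example.

```python
import tempfile
from pathlib import Path
from typing import Dict, List, Optional

DB_NAME = "compile_commands.json"
SOURCE_SUFFIXES = {".c", ".cc", ".cpp", ".cxx"}  # assumption of this example


def closest_db(source: Path, stop_at: Optional[Path] = None) -> Optional[Path]:
    """Walk upwards from the file's directory and return the first
    compile_commands.json found. `stop_at` (hypothetical parameter) bounds
    the walk so a database outside the checkout is never picked up."""
    stop = stop_at.resolve() if stop_at else None
    for directory in source.resolve().parents:
        candidate = directory / DB_NAME
        if candidate.is_file():
            return candidate
        if directory == stop:
            break
    return None


def group_by_db(target: Path, stop_at: Optional[Path] = None) -> Dict[Optional[Path], List[Path]]:
    """Map every source under `target` (a file or a directory) to the
    database that governs it; the None key collects files without one."""
    target = target.resolve()
    files = [target] if target.is_file() else sorted(
        p for p in target.rglob("*") if p.is_file() and p.suffix in SOURCE_SUFFIXES)
    groups: Dict[Optional[Path], List[Path]] = {}
    for src in files:
        groups.setdefault(closest_db(src, stop_at), []).append(src)
    return groups


def demo() -> Dict[str, List[str]]:
    """Constructed tree: three roots (one nested) and one file with no database."""
    with tempfile.TemporaryDirectory() as tmp:
        top = Path(tmp).resolve() / "my_project"
        for rel in ("libA/src/a.cpp", "libB/b.c", "libB/vendor/v.c", "tools/t.c"):
            (top / rel).parent.mkdir(parents=True, exist_ok=True)
            (top / rel).write_text("int x;\n")
        for root in ("libA", "libB", "libB/vendor"):
            (top / root / DB_NAME).write_text("[]")
        return {
            (db.parent.relative_to(top).as_posix() if db else "(none)"):
                [f.name for f in srcs]
            for db, srcs in group_by_db(top, stop_at=top).items()
        }
```

The nested `libB/vendor` root wins over `libB` for `v.c`, and `tools/t.c` is reported as having no database because the walk stops at the project top.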
Support report annotations and add dynamic analyzer related annotations
CodeChecker is now able to parse additional fields from plist files especially relevant to dynamic analyses.
https://github.com/Ericsson/codechecker/blob/master/docs/analyzer/user_guide.md#dynamic-analysis-results
<dict>
<key>diagnostics</key>
<array>
<dict>
<key>category</key>
<string>unknown</string>
<key>check_name</key>
<string>UndefinedBehaviorSanitizer</string>
<key>report-annotation</key>
<dict>
<key>testcase</key>
<string>yhegalkoei</string>
<key>timestamp</key>
<string>1970-04-26T17:27:55</string>
</dict>
<key>path</key>
<array>
...
</array>
</dict>
</array>
</dict>
Unlike for static analyzers, the time of the detection can be a crucial piece of information, as a report may be a result of another preceding report. Users that record the timestamp of the detection and store it in CodeChecker under the new 'Timestamp' field will be able to sort reports by it. CodeChecker now also supports the 'Testsuite' field.
You can read more about this feature in its PR #3849, and the relevant docs PR #3871.
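Why the detection time matters for triage, as an added example that is not CodeChecker's own code: it reads the report-annotation fields from a plist shaped like the one above and orders the reports by timestamp, keeping reports without a usable timestamp at the end. The sample plist, its values and the function name are constructed for illustration.

```python
import plistlib
from datetime import datetime
from typing import List, Optional, Tuple

# Constructed sample in the shape shown above; all values are made up.
SAMPLE = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
<key>diagnostics</key><array>
 <dict><key>check_name</key><string>UndefinedBehaviorSanitizer</string>
  <key>report-annotation</key><dict>
   <key>testcase</key><string>tc_overflow</string>
   <key>timestamp</key><string>2023-03-01T10:15:30</string></dict></dict>
 <dict><key>check_name</key><string>AddressSanitizer</string>
  <key>report-annotation</key><dict>
   <key>testcase</key><string>tc_init</string>
   <key>timestamp</key><string>2023-03-01T10:15:02</string></dict></dict>
 <dict><key>check_name</key><string>core.NullDereference</string></dict>
</array></dict></plist>"""

Row = Tuple[Optional[datetime], str, Optional[str]]


def annotated_reports(plist_bytes: bytes) -> List[Row]:
    """Return (timestamp, check_name, testcase) per diagnostic, earliest
    first; reports without a usable timestamp sort last."""
    rows: List[Row] = []
    for diag in plistlib.loads(plist_bytes).get("diagnostics", []):
        ann = diag.get("report-annotation")
        if not isinstance(ann, dict):
            ann = {}  # static-analyzer reports carry no annotation
        try:
            ts = datetime.fromisoformat(ann["timestamp"])
        except (KeyError, TypeError, ValueError):
            ts = None  # missing or malformed timestamp
        rows.append((ts, diag.get("check_name", "unknown"), ann.get("testcase")))
    return sorted(rows, key=lambda r: (r[0] is None, r[0] or datetime.min))


if __name__ == "__main__":
    for ts, check, testcase in annotated_reports(SAMPLE):
        print(ts.isoformat() if ts else "-", check, testcase or "-")
```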
❗ Backward incompatible changes
- [cmd] Remove some deprecated flags. #3823
  - CodeChecker checkers --only-enabled DEPRECATED. Show only the enabled checkers. Use CodeChecker checkers --details to list the checker status (enabled/disabled).
  - CodeChecker checkers --only-disabled. Use CodeChecker checkers --details to list the checker status.
  - CodeChecker cmd diff -s, --suppressed DEPRECATED. Lists the suppressed reports. Use the --review-status [REVIEW_STATUS [REVIEW_STATUS ...]] flag to filter the results.
  - CodeChecker cmd diff --filter FILTER DEPRECATED. Filter diff results. Use the --review-status [REVIEW_STATUS [REVIEW_STATUS ...]] flag to filter the results.
  - CodeChecker cmd sum --disable-unique DEPRECATED. Use the '--uniqueing' option to get uniqueing results.
- [cmd] Remove the CodeChecker analyzer --tidy-config flag #3822
  - CodeChecker analyze [--tidy-config TIDY_CONFIG] DEPRECATED and removed.
  - Use CodeChecker analyzers --analyzer-config clang-tidy to list the analyzer options.
  - Use e.g. CodeChecker analyze --analyzer-config clang-tidy:WarningsAsErrors=true to set a parameter.
  - Alternatively, you can use .clang-tidy config files too.
- [analyzer] Promote the missing checker warning to an error #3820
  - If a checker name given to --enable/--disable is not recognized (usually because of a typo) by any of the analyzers, CodeChecker now emits an error. While we strongly advise you against it, you can demote this error to a warning, restoring the behaviour similar to previous releases, with the flag --no-missing-checker-error (#3866).
🐛 Analyzer improvements
- ignore -fno-keep-inline-dllexport gcc option #3813
- Fix error using Clang option '-stdlib=libc++' #3808
- [fix] Fix a condition about checkers being compiler warnings #3838
- [analyzer] Promote the missing checker warning to an error #3820
- [fix] Pass arch flag correctly #3854
- [fix] Treat clang-diagnostic-* checkers as compiler flags #3874
- Forward --driver-mode compiler flag to the analyzer #3867
🔁 Profile changes
bugprone-standalone-empty: default, extreme, sensitive
bugprone-unsafe-functions: extreme, security, sensitive
cert-msc24-c: alias of bugprone-unsafe-functions
cert-msc33-c: alias of bugprone-unsafe-functions
cppcoreguidelines-avoid-capture-default-when-capturing-this: extreme, sensitive
cppcoreguidelines-avoid-capturing-lambda-coroutines: default, extreme, sensitive
cppcoreguidelines-avoid-reference-coroutine-parameters: default, extreme, sensitive
cppcoreguidelines-rvalue-reference-param-not-moved: extreme, sensitive
llvmlibc-inline-function-decl: style
misc-use-anonymous-namespace: default, extreme, sensitive
- Document the new checker misc-use-anonymous-namespace #3803
- [cfg] Assign new check profiles for 6.22RC1 #3861
💻 CLI/Server improvements
- Further enhancements to speed up the store procedure #3796
- Multiroot analysis #3815
  CodeChecker now supports an analysis mode where for each source file, it tries to find the closest compile_commands.json file up in the directory hierarchy starting from the source file.
  clangd and clang-tidy work this way: https://clangd.llvm.org/installation.html
  This feature also allows the analysis of multi-root projects in the VS Code plugin (Ericsson/CodecheckerVSCodePlugin#113).
  Previously the input of analysis was a compilation database JSON file. This PR supports the following analysis invocations:
  # Analyze one source file.
  CodeChecker analyze main.c -o reports
  # Analyze all source files under a directory.
  CodeChecker analyze my_project -o reports
- Support report annotations and add dynamic analyzer related annotations #3849
- Required format for --checker-config #3817
  The "CodeChecker analyze" command has a --checker-config flag. The parameter of this flag should be in the following format: <analyzer>:<checker>:<option>=<value>. This format is checked and an error message is emitted if the format is not met.
- [cmd] Gracefully exit instead of crashing when cmd diff is missing a param #3801
- cppcheck: allow spaces in path #3812
- [cmd] Fix a crash with CodeChecker cmd diff --unique on #3816
- [bugfix] Don't convert cppcheck parameters to absolute path #3821
- [cmd] Deprecate --warnings flag #3802
- [gui] Fix for filter product in gui test #3469
- [web] Fix stale permission caching #3840
🌳 Environment
- [req] Upgrade lxml to 4.9.1 #3799
- Fix three bugs and a couple of style issues #3804
- Updates to setup.py/PyPI configuration #3819
- [test] Upgrade to Python 3.8 in GitHub Actions #3859
📖 Documentation updates
- README.md: add python3-setuptools dependency #3729
- [docs] Reword what labels, guidelines, checkers mean, and their enabling #3845