[Qgis-developer] QGIS and Coverity scans

Jürgen E. Fischer jef at norbit.de
Wed Feb 11 05:18:43 PST 2015


Hi Hugo,

On Wed, 11. Feb 2015 at 14:04:56 +0100, Hugo Mercier wrote:
> I am curious about Coverity. AFAIK, the static analyzer is not open source,
> right ? So this works as long as they offer if freely for open source
> projects.

Right.  It's propietary.  And IMHO it's also a heavy depencency (IIRC the
download of the tool needed to collect the build logs was 150MB).
 
> What would be very good is to call static analyzers during the build/testing
> process (as an option). Has somebody experiences with such things ? CLang
> static analyzer ?

We have used cppcheck - but not integrated into the build process.
There are also some good options for gcc (eg. -Weffc++).

I didn't know clang's scan-build[1] before Even Rouault mentioned it on #qgis.
Maybe we could use that with travis.  But it's not packaged in ubuntu and
apparently you have to build clang to get it.


Jürgen

[1] http://clang-analyzer.llvm.org/


-- 
Jürgen E. Fischer           norBIT GmbH             Tel. +49-4931-918175-31
Dipl.-Inf. (FH)             Rheinstraße 13          Fax. +49-4931-918175-50
Software Engineer           D-26506 Norden             http://www.norbit.de
QGIS release manager (PSC)  Germany                    IRC: jef on FreeNode                         
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 827 bytes
Desc: Digital signature
URL: <http://lists.osgeo.org/pipermail/qgis-developer/attachments/20150211/36b936ec/attachment.pgp>


More information about the Qgis-developer mailing list