pnoltes commented on issue #566: URL: https://github.com/apache/celix/issues/566#issuecomment-3880521112
PR #834 is a draft setup to introduce a clang-tidy scan. In my experience, clang-tidy is slightly easier to integrate as a separate scan job without requiring significant build resources.

I want to specifically acknowledge the GCC static analyzer setup recently introduced by @moelksasbyahmed. It’s a great addition in improving the project code quality.

That being said, I believe it is possible - and beneficial - to maintain both tools. I expect GCC’s analyzer is better for deep path analysis; clang-tidy offers a different set of checks (like modernization and style) and runs efficiently in parallel.

In my opinion, a good next step would be to decide if we want to adopt clang-tidy as a complementary SAST tool. From there, we can create sub-issues to enable specific checks in both the GCC static analyzer and clang-tidy and work on fixing the reported issues.
