I have Coverity scan builds running in a GitHub Action and then uploaded to Coverity.
We should be able to configure a GitHub Action to run other analyzers. Mike > -----Original Message----- > From: r...@edk2.groups.io <r...@edk2.groups.io> On Behalf Of Pedro Falcato > Sent: Tuesday, June 14, 2022 1:00 PM > To: r...@edk2.groups.io; POLUDOV, FELIX <fel...@ami.com> > Cc: Rebecca Cran <rebe...@bsdio.com>; edk2-devel-groups-io > <devel@edk2.groups.io> > Subject: Re: [edk2-rfc] RFC v2: Static Analysis in edk2 CI > > (Re-adding devel@ since Felix dropped it) > > On Tue, Jun 14, 2022 at 8:59 PM Pedro Falcato <pedro.falc...@gmail.com> > wrote: > > > Just want to note that if we want to go ahead with fuzzing (I detailed a > > possible plan to do so in the mailing list a month or so ago) we will > > definitely need somewhere to run fuzzing (even if it's Google's syzbot). > > Getting somewhere where we can run static analysis, fuzzing just makes > > sense IMO (hell, who knows, maybe even CI or something like Gerrit for > > mailing list-less code reviews). > > > > On Tue, Jun 14, 2022 at 7:43 PM Felix Polyudov via groups.io <felixp= > > ami....@groups.io> wrote: > > > >> Yes, LLVM/CLANG Static Analyzer is another possibility. I've mentioned it > >> in the first version of the RFC. > >> CodeChecker (https://codechecker.readthedocs.io/en/latest/) is an open > >> source front-end for the scan-build and clang-tidy. > >> It simplifies analyzer configuration and provides web-based report > >> storage. However, it has to be hosted somewhere. > >> If somebody has an idea on how edk2 community can host the CodeChecker, > >> that's definitely an option to consider. > >> > >> > >> > >> > >> > >> > > > > -- > > Pedro Falcato > > > > > -- > Pedro Falcato > > > > -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#90738): https://edk2.groups.io/g/devel/message/90738 Mute This Topic: https://groups.io/mt/91737265/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-