Along with using Sonar in place of Coverity. I also added Codacy. Which I kind of like more than any other as there is no integration. No modifications for Travis or any CI. It integrates directly with git. https://support.codacy.com/hc/en-us/articles/207278449-Getting-started-with-Codacy
It mostly shows minor stuff, reducing scope of variables and some other stuff is its main difference over the others. Not sure what all it shows that is redundant from others. I see it as an add on, not primary. HOWEVER, Codacy catches some stuff that neither Coverity, Sonar, or Clang catch. Which I find interesting, as it seems one can never have to many static analyzers reviewing code. Take this block from Entrance, notice anything off? https://github.com/Obsidian-StudiosInc/entrance/blob/master/src/bin/entrance_gui.c#L229 Which is one section I have yet to touch, same in original https://git.enlightenment.org/misc/entrance.git/tree/src/bin/entrance_gui.c#n205 This was passing Coverity https://scan.coverity.com/projects/obsidian-studiosinc-entrance Passing Sonar, less code coverage, no code smells etc https://sonarcloud.io/dashboard?id=entrance Yet Codacy noticed a pretty serious issue both missed. https://app.codacy.com/app/Obsidian-StudioInc/entrance/issues https://www.enlightenment.org/ss/e-5b4d03ad29ddf8.58532549.jpg (Issue will go away when I fix, thus screenshot for persistence) The code block does not make sense. It concludes with if (_gui) free(_gui); Which is bad as _gui is in use for several things prior to that null check. Which could result in issues if it was null. Unless the final null check is redundant. Which could also be the case. None the less it is code that does not really make sense. Only Codacy pointed that out. All others missed that potential issue. Just found that interesting. -- William L. Thomson Jr.
pgp4aKsZwOQ_W.pgp
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ enlightenment-devel mailing list enlightenment-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/enlightenment-devel
