Code quality checker

Here's the place for discussion related to coding in FreeCAD, C++ or Python. Design, interfaces and structures.
User avatar
PrzemoF
Posts: 2655
Joined: Fri Jul 25, 2014 4:52 pm
Contact:

Code quality checker

Postby PrzemoF » Mon Dec 03, 2018 5:31 pm

I'm not really sure if we want to use it, but discussing it won't hurt :D It's an automated code quality checker linked with github. Looks like it works in a similar manner as travis-ci.

https://houndci.com/
User avatar
yorik
Site Admin
Posts: 11577
Joined: Tue Feb 17, 2009 9:16 pm
Location: São Paulo, Brazil
Contact:

Re: Code quality checker

Postby yorik » Tue Dec 04, 2018 8:54 pm

Would be worth a try!
User avatar
PrzemoF
Posts: 2655
Joined: Fri Jul 25, 2014 4:52 pm
Contact:

Re: Code quality checker

Postby PrzemoF » Tue Dec 04, 2018 9:59 pm

python: http://help.houndci.com/configuration/flake8
I don't see anything for c++ and I'm not sure what would happen with c++ or mixed patches.
User avatar
saso
Posts: 1337
Joined: Fri May 16, 2014 1:14 pm
Contact:

Re: Code quality checker

Postby saso » Wed Dec 12, 2018 6:32 pm

maybe https://www.sonarqube.org/ https://sonarcloud.io/

PS: also note that we already use:
- C++ compiler (clang, gcc, msvc) warnings
- C++ compiler static code analyzers "msvc /analyze" and "clang scan-build"
- Coverity (C++ and python) https://forum.freecadweb.org/viewtopic.php?f=10&t=16966
- PVS-Studio (C++) https://forum.freecadweb.org/viewtopic.php?f=10&t=34266
- LGTM (python) https://lgtm.com/projects/g/FreeCAD/FreeCAD/
- Cppcheck (C++) for some basic checks of the C++ code
- flake8 (python) for some of the python code

and for the future I am looking more in to sanitizers and fuzzers
https://github.com/google/sanitizers
http://lcamtuf.coredump.cx/afl/
https://github.com/googleprojectzero/winafl
https://github.com/google/honggfuzz
https://llvm.org/docs/LibFuzzer.html
https://github.com/google/oss-fuzz

What's the Use of Dynamic Analysis When You Have Static Analysis?
https://www.viva64.com/en/b/0643/

In-Depth: Static Code Analysis
https://www.gamasutra.com/view/news/128 ... alysis.php

Static Analysis at Scale: An Instagram Story
https://instagram-engineering.com/stati ... 498ab71a0c

AddressSanitizer (ASan) for Windows with MSVC
https://devblogs.microsoft.com/cppblog/ ... with-msvc/

:)
Last edited by saso on Thu Oct 24, 2019 7:41 am, edited 14 times in total.
User avatar
PrzemoF
Posts: 2655
Joined: Fri Jul 25, 2014 4:52 pm
Contact:

Re: Code quality checker

Postby PrzemoF » Wed Dec 12, 2018 6:45 pm

Looks very promising, but after I selected online analysis I hit some code that must be run locally:
"Download and unzip the Scanner for Linux
And add the bin directory to the PATH environment variable
Download
Execute the Scanner from your computer
Running a SonarCloud analysis is straighforward. You just need to execute the following commands in your project's folder."

I'm not sure if I'm doing something wrong or that's the way it's supposed to be.
User avatar
saso
Posts: 1337
Joined: Fri May 16, 2014 1:14 pm
Contact:

Re: Code quality checker

Postby saso » Wed Dec 12, 2018 6:55 pm

I have not used sonar yet, here are some instructions how to set sonarcloud up with travis https://docs.travis-ci.com/user/sonarcloud/
User avatar
saso
Posts: 1337
Joined: Fri May 16, 2014 1:14 pm
Contact:

Re: Code quality checker

Postby saso » Fri Dec 28, 2018 9:49 am

PrzemoF wrote:
Wed Dec 12, 2018 6:45 pm
...
I have seen you have started an Coverity build for FreeCAD, but you already have access to https://scan.coverity.com/projects/saso ... ac-freecad ;)

Check the three post here https://forum.freecadweb.org/viewtopic. ... 30#p210644 for some first steps how to use it.
Last edited by saso on Mon Jan 07, 2019 9:12 am, edited 1 time in total.
User avatar
saso
Posts: 1337
Joined: Fri May 16, 2014 1:14 pm
Contact:

Re: Code quality checker

Postby saso » Sun Jan 06, 2019 11:26 pm

Control source code quality using the SonarQube platform
https://www.viva64.com/en/b/0452/

PVS-Studio as a plugin for SonarQube
https://www.viva64.com/en/b/0513/

Edit: I have moved some info about the PVS-Studio to a separate topic https://forum.freecadweb.org/viewtopic.php?f=10&t=34266
Last edited by saso on Sat Feb 16, 2019 8:32 pm, edited 2 times in total.
User avatar
Kunda1
Posts: 5927
Joined: Thu Jan 05, 2017 9:03 pm

Re: Code quality checker

Postby Kunda1 » Sat Oct 19, 2019 1:21 pm

a thread pertaining to LGTM was split, new thread is at: https://forum.freecadweb.org/viewtopic.php?f=10&t=40228
Want to contribute back to FC? Checkout:
#lowhangingfruit | Use the Source, Luke. | How to Help FreeCAD | How to report FC bugs and features
User avatar
saso
Posts: 1337
Joined: Fri May 16, 2014 1:14 pm
Contact:

Re: Code quality checker

Postby saso » Sat Oct 19, 2019 3:37 pm

Thanks Kunda1 for moving lgtm to its own topic...

And to give a small update to this topic (related but not directly :roll:), link to a ton of videos from this (and past) years CppCon presenting and discussing different topics, best practices and the future of developing in C++ https://www.youtube.com/user/CppCon/videos