Bot releases are hidden (Show)

codechecker - v6.15.1

Published by csordasmarton over 3 years ago

News

CodeChecker is now available in the Snap Store and can be installed easily with the following command: sudo snap install codechecker --classic.
We have enabled Github Discussions in our repository. Now if you have any question or an idea you have to create a new discussion instead of an issue. Bug reports still have to be created as an Issue.
Our Roadmap for 2021 is available here: https://github.com/Ericsson/codechecker/projects/15
We moved from Travis CI to Github Actions (#3066, #3086, #3131).
Unfortunately one of our core team member @gyorb left the project due to getting busy with other tasks. We wish you all the best and thank you very much for your hard work in the CodeChecker project 😊. Nevertheless, we hope that one day you return contributing! 😏

CLI related improvements/fixes

Sphinx documentation generator tool parser (#3017).
Show comments when using CodeChecker cmd results --details command (#3005).
Using tags names in diff commands (#3144).
Fix json and html output when both formats are selected (3059).
Unique lines when collecting statistics (#3028).
Diff resolved reports of remote to local (#3129).
Collect CTU-involved files in the report directory (#3029).
Fix double clang-tidy config flags (#3157).
Do not allow ctu-ast-mode in non-CTU mode (#3146).
Handle duplication warning at store (#3159).
CodeChecker log debug logs go to report dir (#3166).
Opt-in fix escape in logger in case of backslash, CR, LF (#3169).

Server improvements/fixes

Configure keepalive (#3167).
LDAP authenticated users default permissions (#3072).
Source code comment parsing with trim path (#3078).
Change review status date only if necessary (#3123).
Print API function name in server logs (#3105).
Fix multiple negative file path in source component filter (#3051).
Fix LDAP authentication exception (#3073).
Verify TLS certificate in LDAPS connection (#3083).
Log unsuccessful authentication requests (#3148).
Add more info log to the store API function (#3165).
Fix quotes in system comments (#3094).

GUI improvements/fixes

Add shortcut links to the product page (#3100).
Show a progress bar while removing a run is in progress (#3046).
Sort runs in ascending order by the latest storage date by default (#3071).
Show both review and detection status icons in the Report Tree view (#3037).
Outstanding reports char day view (#3054).
Set required field for product config form (#3056).
Handle missing report (#3102).
Fix undefined getRunIds API function in Baseline Run filter (#3043).
Fix checker statistics difference (#3130).
Fix links in statistics tables (#3067).
Fix getting analyzer statistics for runs (#3152).
Refactoring product overview page (#3147).
Usability improvements (#1522, #3041, #3042).

Documentation updates

Documentation for report identification (#3070).
Extend documentation for detection status (#3038).
Describe the usage flow in the main readme (#3069).
Show command line features in the main readme (#3068).
Full GUI userguide rewrite (#3080).
Other fixes (#3040, #3101, #3154).

Package updates

We changed our thrift requirements from 0.11.0 to 0.13.0 (#3032).
We upgraded lxml requirements from 4.5.0 to 4.6.2 (#3127).

Milestone

For more detailed information check the milestone of this release.

Contributors

Big thanks to everyone who helped us creating this release: @jay24rajput, @rasjani, @jimis, @engr-basit, @startergo.

codechecker - v6.15.0

Published by gyorb almost 4 years ago

New features

Web UI

There is a brand new product statistics overview page with the information about the recently introduced or resolved reports or about the distribution of the reports in the product. #2986
The run history list was moved from a separate tab to an expandable list under each run at the run list. This makes easier to find the relevant
run history entries for each run. #2953
New report info button to show more information about a report at the report details page (run name, detection/fix date ...) #2961
Source components can be used to create and save file path filters with a name to show results only from those parts of the analyzed project. With the newly introduced other component every report which does not belong to any other component can be filtered. #2989

Command line interface (CLI)

New exit status numbers for the CodeChecker analyze and check commands for better CI integration #2943:
- 0 - Successful analysis and no new reports
- 1 - CodeChecker error
- 2 - At least one report emitted by an analyzer and there is no analyzer failure
- 3 - Analysis of at least one translation unit failed
Gerrit output format is available for the parse subcommand. This output format was only available for the CodeChecker cmd diff command in the previous releases. With this change the parse command can be used for the gerrit integration too #2745
CodeChecker parse analyzer_reports -e gerrit

Report storage support for new source code analyzers

Report conversion and storage support is available for multiple new source code analyzer tools (Coccinelle #2949, Smatch #2968, Kernel-Doc #2981). The report-converter tool can be used to convert the output of these analyzers to a format which can be stored to the web server or processed by other CodeChecker commands (parse, cmd diff ...).
For more information about the tool configuration and usage check out the user documentation:
- Coccinelle user documentation
- Smatch user documentation
- Kernel-Doc user documentation

Changes

Open reports date filter was renamed to "Outstanding reports on a given date" on the web UI. #2990
Also a new --outstanding-reports-date CLI filter argument was introduced as a filter option.
Less code styling related checker groups are enabled by --enable-all flag.
The --enable-all flag enabled a lot of style checkers which could generate a lot of styling reports. #3013

Further improvements worth mentioning

Allow users to overwrite location of the session file #2976
Show how many filter items are visible at the filter tool tip if there are more items #2862
Show selected filter items at Review status filter #2940
Improve component statistics page load performance #3018
Enable search and highlight occurrences of the selected text at the source code view #3011
Set analyzer name for clang-diagnostic checkers when the reports are stored #2956
Reintroduce skipfile script for gerrit integration to be able to analyze only the changed files. #3008
New severity levels for cppcoreguidelines-prefer-member-initializer, altera-struct-pack-align and bugprone-redundant-branch-condition checkers #2954, #2948

Other improvements and bugfixes

For the full list of changes and improvements checkout the milestone

Contributors

Big thanks to everyone who helped us creating this release:
@bulwahn, @gargaroff, @jay24rajput, @sudipm-mukherjee, @meghajain-1711, @dl9pf, @sylvestre, @jimis, @jgalenson,

codechecker - v6.14.0

Published by gyorb about 4 years ago

New features

New statistics page in the Web UI

The statistics page got a new design with a lot of new features:

statistics shown in separate tabs instead of one page for better visibility
new, component statistics page, where reports are distributed per statistics, components can represent a part of a repository (directory, files)
statistics comparison mode: you will be able compare the report statistics of two different analysis runs or time snapshot
diff and review status filters are available on the statistics page
#2897

Redesigned date selectors for the web UI filter and CLI

You will be able to list the open reports of your project for any date.
Open reports at a date are which were detected BEFORE the given date and NOT FIXED BEFORE the given date.
From the CLI the open reports can be queried like this:

CodeChecker cmd results --open-reports-date 2020:09:11:12:20 --url ...

Remember filters when navigate between pages

Filters are remembered during navigating between the pages. The report list and statistics related filters are saved separately.
#2913

Show analyzer name alongside the reports

Analysis results from multiple static analyzers can be stored to the database, with this change for each report the analyzer
name can be viewed which produced the result.
#2717

Always show similar reports

Reports with the same hash can be seen in a drop down list for each report without uniqueing #2896

Enable and disable checker profiles and guidelines (like sei-cert) in the analyzer CLI.

There is a new syntax extended with guideline support which can be used to enable checker sets.
With the new syntax the checkers, profiles and guideline can be enabled or disabled even if there is a conflict in their name.
The arguments may start with profile: of guideline: prefix which makes the choice explicit.
Without prefix it means a profile name, a guideline name or a checker group/name in this priority order.

CodeChecker analyze -o reports -e profile:sensitive -e guideline:sei-cert compile_command.json

Use these commands to list the available profiles
CodeChecker checkers --profile list
or guidelines:
CodeChecker checkers --guideline

New report converter for Markdownlint results

The reports from Markdownlint can be converted and stored
to the report serve like this:

# Run Markdownlint.
mdl /path/to/your/project > ./mdl_reports.out
# Use 'report-converter' to create a CodeChecker report directory from the
# analyzer result of Markdownlint.
report-converter -t mdl -o ./codechecker_mdl_reports ./mdl_reports.out
# Store Markdownlint reports with CodeChecker.
CodeChecker store ./codechecker_mdl_reports -n mdl

#2829

The codechecker config file was extended with a parse section which can be used by the parse subcommand.

It can be used to set the path prefixes in the CodeChecker config file which should be trimmed by the parse subcommand when the reports are printed:

{
  "parse": [
    "--trim-path-prefix",
    "/$HOME/workspace"
  ]
}

The config file for the parse command can be set like this:
CodeChecker parse report --config codechecker_cfg.json
#2885

Environment variables can be used in the CodeChecker config file, they will be expanded automatically

{
  "analyzer": [
    "--skip=$HOME/project/skip.txt"
  ]
}

#2877

Changes

On-demand Cross Translation Unit Analysis will be the default CTU analysis mode

The On-demand CTU analysis support introduced in the previous release is enabled by default now if the used
clang static analyzer supports it. CTU analysis will be performed without the huge temporary disc space allocation.

With the --ctu-ast-mode the analysis mode can be switched back to the old behavior if the new consumes too much memory:

CodeChecker analyze --ctu-ast-mode lod-from-pch ....

Further improvements worth mentioning

Collect compiler information in case of clang mismatch #2872
Log enabled checkers at the beginning of analysis #2858
Add severity to statistics html page #2899
Improve source component filter performance #2857
Options specified on the command line after the --config option will override options specified in the config file #2883
Compile command logging for make versions newer than 4.3 is fixed #2689

Full list of changes

View the milestone for the complete list of changes in this release.

Contributors

Big thanks to everyone who helped us creating this release: @sylvestre @gocarlos

codechecker - v6.13.0

Published by gyorb over 4 years ago

New feature highlights

New web UI

In this release the UI framework was completely replaced to increase usability, stability and performance.
The new framework allows a lot of improvements like:

faster page load
faster navigation
improved front-end testing
less load on the server

With the new UI the permalinks are backward compatible so the saved URLs should work as before.
Additionally to the UI improvements there is a new feature.
If Unique reports is enabled on the reports view there is a drop down list for each report showing the similar reports
with the same report hash (but maybe with a different execution path)

Note! When building the package nodejs newer than v10.14.2 is required!
Please check the install guide for further instructions on how to install the dependencies.

Apply checker fixits

Some checkers in Clang-Tidy can provide source code changes (fixits) to automatically modify the source code
and fix a report. This feature can also be used to modernize the source code.
To use this feature the clang-tidy analyzer and the clang-apply-replacements tools needs to be available in the PATH.
During the clang-tidy analyzer execution the fixits are automatically collected.

CodeChecker analyze -o report_dir -j4 -e modernize -e performance -e readability compile_command.json --analyzers clang-tidy

Use the CodeChecker fixit report_dir command to list all collected fixits.
Fixits can be applied for a source file automatically like this:

CodeChecker fixit report_dir --apply --file "*mylib.h"

or in interactive mode where every source code modification needs to be approved:

CodeChecker fixit report_dir --interactive --file "*mylib.h"

Fixits can be applied based on a checker name, so to cleanup all the readability-redundant-declaration results execute this command:

CodeChecker fixit report_dir --apply --checker-name readability-redundant-declaration

Coding guideline mapping to checkers (SEI-CERT)

There are coding guidelines like (SEI-CERT, C++ Core Guidelines, etc.) which contain best practices on avoiding common programming mistakes. To easily identify which checker maps to which guideline the--guideline flag was introduced.

To list the available guidelines where the mapping was done, use this command:

CodeChecker checkers --guideline

The checkers which cover a selected guideline can be listed like this:

CodeChecker checkers --guideline sei-cert

If we want to get which checker checks the sei-cert rule err55-cpp by executing
the command below we can get that the bugprone-exception-escape checker should be enabled if the err55-cpp rule needs to be checked.

CodeChecker checkers --guideline err55-cpp 
  bugprone-exception-escape

More detailed information about the checkers and the guideline mapping can be found by executing
this command:

CodeChecker checkers --guideline sei-cert --details

Makefile output

CodeChecker can generate a Makefile without executing the analysis.
The Makefile will contain all the necessary analysis commands as build targets.
With this Makefile the analysis can be executed by make or by some distributed
build system which can use a Makefile to distribute the analysis commands.

Locally with a simple make it can be executed like this:

CodeChecker analyze --makefile -o makefile_reports compile_command.json
make -f makefile_reports/Makefile -j8

On demand CTU analysis support

With this new flag (--ctu-ast-mode) the user can choose choose the way ASTs are loaded during CTU analysis.
There are two options:

load-from-pch (the default behavior now, works with older clang versions v9 or v10)
parse-on-demand (needs clang master branch or clang 11)

The mode 'load-from-pch' can use significant disk-space for the serialized ASTs.
By using the 'parse-on-demand' mode some runtime CPU overhead can incur in the second phase of the analysis but uses much less disk space is used.

Execute this command to enable the on-demand mode:

CodeChecker analyze -j4 -o reports_ctu_demand --ctu --ctu-ast-mode parse-on-demand

See the pull request for more information.

Disable all warnings like checker groups

Clang compiler warnings are reported (clang-tidy) by checker names staring with clang-diagnostic-.
Disabling them could be done previously only one-by-one.
In this release the warnings can be disabled now with the corresponding checker group.

CodeChecker analyze --analyzers clang-tidy -d clang-diagnostic

IPv6 support

The CodeChecker server can be configured to listen on IPv6 addresses.

Performance improvements

diff command printing out source code lines got a performance improvement #2772
report storage performance got improved #2804

Changes

DEPRECATED flag!
--ctu-reanalyze-on-failure flag is marked as deprecated and it will be removed in one of the upcoming releases.
It will be removed because the Cross Translation Unit (CTU) analysis functionality got more stable in the Clang Static analyzer so this feature can be removed.

Other improvements and changes

There are a lot of further improvements and bug fixes in this release.
The full list of changes can be found here.

Contributors

Big thanks to everyone who helped us creating this release: @sylvestre @thresheek

codechecker - v6.12.1

Published by gyorb over 4 years ago

Feature change!

Incremental analysis extension introduced in v6.12.0 feature was changed in #2786!
Getting the c/cpp files that are dependencies of a changed header is not done automatically from now on, the user has to generate the c/cpp file list which should be analyzed.
To support this use case the tu_collector tool was extended to be able to generate the dependency source file list like this:

tu_collector --dependents -l ./full_compilation_database.json -f "*/main.h"

Additional helper scripts and examples can be found in the tu_collector documentation how to analyze the source and header files which were modified in a git commit.

Bugfixes

The parse command could not generate HTML output files #2771
Fix analyzer --file option. The reports from the included header files should not be skipped #2788
Fix update comments if the message did not change #2780
Fix source component update error #2778
Fix run history tag filter #2769
Fix tidyargs file encoding error #2767
Fix segmentation fault in the compile command logger #2768
The wrong codechecker_api version was used in the developer virtual environments #2770
The hash overwrite feature crashed if the plist report file was missing #2779

codechecker - v6.12.0

Published by gyorb over 4 years ago

New feature Highlights

Show clang-tidy reports in headers

Clang-tidy reports are shown from headers (non system) now, this change can increase the number of new results!
Use the following analyzer configuration to turn back the old behavior by setting the HeaderFilterRegex value to an empty string:
CodeChecker analyze compile_command.json --analyzer-config clang-tidy:HeaderFilterRegex=\"\"

Python 3 only

Because of Python 2 sunset at the beginning of 2020 CodeChecker was ported to Python 3 the minimal required version is 3.6. Because of the Python version change and a lot of 3pp dependencies were updated it is required to remove the old and create a new virtual environment to build the package!

Store results from multiple static and dynamic analyzer tools

Starting with this version CodeChecker can store the results of multiple static and dynamic analyzers for different programming languages:

Facebook Infer (C/C++, Java)
Clang Sanitizers (C/C++)
Spotbugs (Java)
Pylint (Python)
Eslint (Javascript)
...

The complete list of the supported analyzers can be found here.
To be able to store the reports of an analyzer a report converter tool is available which can convert the reports of the supported analyzers to a format which can be stored by the CodeChecker store command.

New build and CI system features and improvements

GitLab integration

Inside a GitLab Runner CodeChecker can executed to provide a code quality report for each GitLab review request. The codeclimate json output format was added to the Codechecker parse and
CodeChecker cmd diff commands to generate a json file which can be parsed
by GitLab as a quality report. See the GitLab integration guide for more details how to configure the GitLab runners and CodeChecker.

Gerrit

Integration was simplified, no extra output parsing and converter scripts are needed. The CodeChecker cmd diff -o gerrit ... command can generate an output format which can be sent to gerrit as a review result.

Bazel build system support

Compilation commands executed by the Bazel build system can now be logged with the Codechecker logger to run the static analyzers on the source files. Check out the Bazel build system integration guide for more details.

Compilation errors as reports

Compilation errors occurred during the analysis are now captured as reports by the clang-diagnostic-error checker. These types of reports can be disabled as a normal checker like this:
CodeChecker analyze --disable clang-diagnostic-error ...

Analyzer and checker configuration from the command line

The Clang and Clang-tidy static analyzers and the checkers can be configured from the command line with the newly introduced --analyzer-config and --checker-config options.

Analyzer configuration

Use these commands to list the available analyzer config options (use the --details flag for the default values and more description):

CodeChecker analyzers --analyzer-config clangsa
CodeChecker analyzers --analyzer-config clang-tidy

A Clang Static Analyzer configuration option can be enabled during analysis like this:
CodeChecker analyze compile_command.json -o reports --analyzer-config clangsa:suppress-c++-stdlib=false -c

Checker configuration

Use the CodeChecker checkers --checker-config command to list the checker options, or the CodeChecker checkers --checker-config --details command to get the checker options with the default values.

A checker option can be set like this:
CodeChecker analyze compile_command.json -o reports -e cplusplus.Move --checker-config clangsa:cplusplus.Move:WarnOn="All"

Select only a few files to be analyzed from the compile command database

There is no need for a complex skip file or to create smaller compile command database files to execute the analysis only on a few files. With the --file option the important files can be selected the analysis for the other files will be skipped.
CodeChecker analyze compile_command.json --file "*main.cpp" "*lib.cpp"

Incremenetal Analysis Extension: Analyze c/cpp files that are dependencies of a changed header

Header files can not be analyzed without a c/cpp file. If a skip file contains a header file (with a "+" tag) like this:

+*lib.h
-*

Which means the header file should be analyzed. CodeChecker tries to find all the c/cpp files including that header file and execute the analysis on those c/cpp files too so the header file will be analyzed.
The only limitation is that the full compilation database is required to collect this information.

CodeChecker CLI configuration files

The CodeChecker commands can be saved in a config file which can be put into a version control system or distributed between multiple developers much easier. In the previous release v6.11.0 the support for the analyzer configuration file was added. In this release it was extended to the web server related commands (store, server) so they can be stored into a configuration file too.
It is not required to type out the options in the command line all the time to store the analysis reports.
With an example store_cfg.json config file like this:

{
  "store":
    [
      "--name=run_name",
      "--tag=my_tag",
      "--url=http://codechecker.my/MyProduct"
    ]
}

The CodeChecker store command can be this short: CodeChecker store reports --config store_cfg.json

Other new features worth mentioning

The review comments in the source code are shown by the CodeChecker parse command
A free text description can be store to every run which can contain any compilation or analysis related description.
CodeChecker store --description "analysis related extra information" ...

Removed command line options

These CodeChecker check and CodeChecker analyze options were already deprecated and were removed in this release:

-f/--force
--add-compiler-defaults

Other improvements and changes

There are a lot of improvements and bug fixes in this release.
The full list of changes can be found here.

License change

This is the last release with the NCSA license the new license after the release will be: "Apache 2.0 with LLVM Exception", SPDX License Identifier: "Apache-2.0 WITH LLVM-exception"

Contributors

Big thanks to everyone who helped us creating this release: @itzurabhi, @tilya, @themightyoarfish @rpavlik @sylvestre

codechecker - v6.11.1

Published by gyorb over 4 years ago

Improvements

Handle two kinds of implicit includes differently (gcc include-fixed and *intrin.h headers) #2562 #2541
Filter out include directories containing *intrin.h header files #2569
Add -fno-keep-static-consts flag to gcc ignore list #2568

Bugfixes

Translation unit collector did not detect CCache in the build commands #2524
Fix row output type in command line #2547
Number of reports was not calculated right for parse command #2539 #2556 #2550
Path normalization fix for the file skip feature #2548
Fix error when query limit is larger than max limit #2533
CodeChecker check no longer works analyzer #2505 #2506 #2532
- fixes the problem where ClangSA is not available in the PATH

Changes

Do not enable all modernize checkers in sensitive profile #2502 #2558

codechecker - v6.11.0

Published by gyorb almost 5 years ago

New Feature highlights

Show system comments for bugs GUI #746
Review status changes by the users are automatically stored and shown at the report comment section
for each report. With this feature the status changes of the reports can be easily tracked.
Introduce different compiler argument filtering if the original compiler was clang #2382 #2482
If the original compiler used to build a project was clang/clang++ only a minimal compilation
flag filtering or modification is done.
In the case where the original compiler was gcc/g++ many non compatible compiler flags were
filtered which is not required if the original compiler is clang.
Store the Cppcheck plist reports #2474
Plist reports generated by Cppcheck can be stored by the CodeChecker store command.
For a more detailed example how to configure Cppcheck to generate the reports in the right format
see the documentation.
CodeChecker config file support for the analysis arguments #427 #2268
The arguments for a CodeChecker analyze command can be given in a config file.
A more detailed description about the usage and the config file format can be
found here.
Log compile commands with absolute paths #2447
With the introduction of a new environment variable (CC_LOGGER_ABS_PATH) the compiler include paths
will be converted to an absoute path.
This conversion can be necessary if the compiler command database created
by CodeChecker will be used by other static analyzers (E.g. Cppcheck).
Enforce taking the analyzers from PATH #2378
With the newly introduced environment variable the usage of the static analyzers in the PATH
can be forced even if the configuration contains analyzers not from the PATH.
List ClangSA checker options #2425
The Clang Static Analyzer options can be listed now (requires clang v9.0.0 or newer).
Use the command CodeChecker analyzers --dump-config clangsa to print the static analyzer configuration.
Support json output for parse command #2424
The parse command can generate json output from the reports if required:
CodeChecker parse -e json analyzer_reports
Use CodeChecker parse with multiple directories #2384
The CodeChecker cmd parse command now accepts multiple directories to parse the reports from.
Update the name of a run from the command line #1778

Improvements and bug fixes

Analyzer

Detect -MG as a precompilation flag #2472
CodeChecker analyze and parse fails for non ascii. #2454
Document some new checkers #2445
Incorrect full path reconstruction for -include #2440
Resolve symlinks of compiler binaries #2430
Add missing lxml dependency to the analyzer #2414
Document two new checks #2405
Replace analyzer option api-metadata-path with package option APIMetadataPath #2403
Skip handler must be run before compiler options parsing not after #2396
Incremental analysis failures on the same file results in stupid failure ZIP #2395
Do not count a number of skipped actions in progress log #2394
'aggressive-binary-operation-simplification' should be clang version dependent #2390
Do not load plugins when CC_ANALYZERS_FROM_PATH is used #2483
Print a log message when overwriting a plist file #2375
Ignore -mllvm option #2374
Fix taint issue #2426
Fix missing analyzer binary #2437
Fix failure zip #2444
Fix handling '--sysroot=' flag format #2453
Handle enabled checker per profile for ClangSA #2337
Do not disable all clang static analyzer checkers unconditionally #2386
Less argument processing if skip file used without ctu and stats #2462
Set io.open encoding to utf-8 #2484
Add 4 new checker severity levels #2485
some specific Xclang arguments modify the output #2492
do not disable all clang static analyzer checkers unconditionally #2386

Web

args.config has been renamed to args.config_file #2478
Can not delete run #2473
Always generate a new token on login #2423
Use saved credentials if auto login is enabled #2421
Trim white spaces from the user name when adding new permissions to it #2420
Fix personal access token generation #2413
Add a heartbeat and readiness URL #2410
Keep the selected sub tab on run tab switch #2401
Run tab switch jumps back to previous tab #2400
Disable run limitation #1949
Fix hiding tooltip of the source component filter item #2489

Other

Documentation for cppcheck report storage #2481
Remove SimpleStream checker from sensitive profile #2480
Extra comments for clang compiler change in travis #2469
Bump up the minimal required clang version #2468
OSX does not have include-fixed in its include path #2464
The existence of a config file influences the test #2463
Fix test case for has_analyzer_option #2460
Sort report lines for files #2459
Fix missing type imports for the tests #2456
Update to xcode10 in travis #2455
Upgrade tests to run with Clang 9.0.0 #2451
Remove fail zip first in case of write mode. #2450
Fix pylint errors #2448
Fix travis error code handling. #2446
Adding compilation database to JSON in tu_collector #2441
Revert "add label configuration for the github actions" #2438
Update authentication.md for codechecker.readthedocs.io publishing #2436
Fix thrift path on osx #2431
Fix pylint warnings #2422
Add more example how to use credentials #2416
Simplify Gerrit integration documentation #2415
Rename shared.thrift to codechecker_api_shared.thrift #2406
Fix travis failure #2392
Add default values to the package_layout.json #2385
Refactoring package_layout.json file #2379
Increment CodeChecker version to 6.11.0 #2313
It is not possible to order runs by run name #2235
Support response files #2092
Introduce code owners file #2075

API changes

New filter options for CodeChecker cmd runs command #2343

Contributors

Big thanks to everyone who helped us creating this release: @josod, @LebedevRI, @sylvestre, @hpwxf, @irishrover, @scphantm

codechecker - v6.10.1

Published by gyorb about 5 years ago

This is a bug fix release including many fixes and documentation updates. There are no new features or backward incompatible changes.

Bugfixes

Most important

Fix exception handling for HTTP POST requests #2331
The improper handling of a possible exception caused the server to hang and not respond to the new requests.
Autocompletion for the login form #2276
The login form will be autocompleted if the credentials are saved by the browser.
fix backslash in user name #2332
LDAP user names containing a backslash caused exception at the server.
Skip lists should not be applied to the CTU pre-analysis step #2299
To collect the required information for the CTU and statistics based analysis no source
files are skipped from the compilation database at the pre-analysis step.
api modeling checkers should be enabled in all profiles #2305
Increase the severity of some checker that indicate Undefined Behaviour #2370
Removing alpha.security.MallocOverflow from the sensitive profile throws too many false positives #2366

compiler include path related fixes

Keep GCC include-fixed dirs in include paths #2272
The include-fixed include paths by gcc might be required for the analysis, but that is
project dependent a new --keep-gcc-include-fixed flag is introduced so the projects can keep or remove
the include paths for the analysis.
Additional -nostdinc[++] #2344, -stdlib #2303 compilation flags are considered at the implicit compiler include path detection, because they affect the list of the include paths.
Clang searches for builtin includes relative to the binary #2302
Clang builtin include paths were added by an --isystem flag at a fixed place if the include files were in the package, standard clang installation should not be affected by this change.

compilation command logging related fixes

Fix ld_logger crash #2309
A crash during logging prevented to collect the compilation commands.
Give absolute path in the CC_GCC_LOGGER_LIKE environment variable #2315
If there are compiler wrapper scripts named the same way as the original compiler (gcc/g++) logging the original compiler was hard because the difference was only in the path of the executable. With this change the logging the original compiler execution can be done too.

Analyzer

Fix Z3 refutation detection #2231
return 0 in case no analysis is needed #2255
Crash in splitting output of "clang -### ..." #2300
Plist files should contain absolute paths #2360
import get_logger in clang_options.py #2296
CodeChecker disables apiModeling by default #2289
Introduce clang version dependent options #2287
fix env forwarding for the subprocess in ctu autodetect #2284
Fix a typo on setup_process_timeout call #2281
-fstack-reuse is not supported by clang #2280
Determine language based on compiler name #2277
Remove skip list handler from common module #2274
remove argument handling class from common module #2254
move report parsing related code to the parse cmd #2252
fix context free report hash generation doc #2251
refactor suppress file handler #2250
Fix LOG.debug #2248
move proc timeout functions and tests to analyzer #2246
move get_binary_in_path to analyzer module #2245
Add tests for cmdline #2283

Web

Store analyzer version instead of CodeChecker version #2373
Upgrade JQuery to 3.4.1 #2345
Fix double scroll bar on the GUI #2334
Extend the help message of "CodeChecker cmd del" command #2325
indentation of the call graph is not always correct #2320
Make placeholder help for source components more descriptive #2310
"loading" label for unauthorized users #2307
Fix local session creation #2301
Fix comment update #2282
Fix pg8000 test command #2275
Revise how events are indented in a bug report #2269
Web GUI doesn't honor new lines for comments #2259
move profiler from common to server #2247
Impossible to delete run in the web GUI #2234
Fix reading worker_processes config value #2227
Fix source code comment regex #2356

Other

Description of incremental analysis using skipfile #2381
Remove whitespace characters at cmd results #2362
Buggy 'CodeChecker parse --print-steps' filename outputs when a report is ranging across TUs. #2358
Format main README.md #2355
Fix daily script #2316
package_layout.json "ctu_func_map_cmd" is not considered #2330
Update documentation #2323
ld_logger improvement #2317
gcc compiler flags against Spectre unknown by clang #2304
match for multiple digit clang versions in tests #2298
Update travis ci base image to bionic #2291
replace StackAddressEscape checker in analyzer tests #2288
Omit extra newlines while logging build commands #2286
Add standalone package target #2273
remove unused db version information #2270
create reports and project for the update test #2266
enable build matrix for travis #2261
tu_collector tests can be run independently #2253
update travis to clang8 #2244
Exception on regex characters in checker name #2241
Fix Clang version regex in tests #2239
bump up version to v6.10.1 #2225

API

Fix getDiffResultsHash API function #2265

Credits

Big thanks to everyone who helped us creating this release: @gwangmu, @irishrover, @zingo

codechecker - v6.10.0

Published by gyorb over 5 years ago

Backward incompatible CLI change

CLI run name filter delimiter was changed from ":" to " ".
With this change run names containing ":" can be filtered.
The previous solution prevented to filter run names containing ":". #2113

Analyzer

New Features

Add support to enable Z3 refutation.
Use the Z3 theorem prover if Clang is built with it, to cross check the results by Clang Static Analyzer.
The usage of this solver can reduce the false positives produced by the ranged-based solver,
and using refutation should not increase the analysis time a lot. #2091
This feature is enabled by default if available.
Add support to enable Z3 Theorem Prover #2087
Use the Z3 theorem prover if Clang is built with it. In this case the built in range-based constraints
solver will be replaced by Z3 in Clang Static Analyzer.
The performance is worse than the default range-based constraint solver right now.
It can be enabled by the --z3 flag.
Give warning if an enabled or disabled checker is missing or there was a typo in the checker name #2215
Clang warnings can be listed with the CodeChecker checkers --warnings #1693
Add --trim_path_prefix option for parser command #2076

Improvements

Multiple improvements and bug fixes for build environments with ccache #2202, #2126
Collect compiler information for multiple languages (C/C++) #2193
If available use lxml library to parse plist files to improve performance #2170
Skip sources argument when parsing the precompilation options #2072
Define severity for new checkers #2128, #2132, #2141
Adding clang8 checker naming related changes #2216
Try to autodetect mapping tool based on clang version, required for CTU analysis with clang8 and newer #2030
Improvements to log compilation commands during the build process #2131, #2160, #2139

Web

New Features

Filtering can be done based on the bug path length on the web UI #2197
CLI is now able to return the detailed bug path if required #2068
The diff command prints the summary of the results now #2165
New documentation and configuration files to create docker images for easier setup and installation #2038
New docker image is available on dockerhub

Improvements

Multiple performance improvements to speed up the storage and query of the results #2177, #2175, #2172, #2188, #2169, #2178, #2163, #2135
Case insensitive LDAP group search and comparison #2073
Don't allow users to see the results of a product where no permissions were set #2158
Send back a valid Thrift error response instead of HTTP error codes #2149
Implicit initial wildcard in search fields for easier search #2134
Multiple third party dependencies were updated (SQLAlchemy, psycopg2) #2079, #2181

Web API changes

Create separate API function to get analysis statistics #2182
Run history limitation was introduced #2177
getRunData limitation was introduced #2175
New API function is available to get check command #2172

Other bug fixes and improvements

You can find a more detailed list of changes here: milestone 6.10

codechecker - v6.9.1

Published by gyorb over 5 years ago

New

Enabling expand-macros feature of clang #1994
- Since clang v8 macros can be expanded in the reports. This feature is enabled by default in CodeChecker
  so the reports will always contain macro expansions for better report understanding.
Specify only a sub string of the checker name for suppression #2019
- Source code review status comments will work with checker name sub strings (useful if a checker is moved between packages)
New security checkers profile #1054
- New security profile with multiple security related checkers is available.
  Run CodeChecker checkers --profile security for the full list of checkers.

Changes

Added severity levels of yet uncategorized checkers and checker profiles were updated #2034

Default profile:

Added

alpha.cplusplus.UninitializedObject
bugprone-copy-constructor-init
bugprone-terminating-continue
bugprone-throw-keyword-missing
bugprone-unused-return-value
bugprone-virtual-near-miss
cert-fio38-c
cplusplus.InnerPointer
optin.cplusplus.VirtualCall

Sensitive profile:

Added

alpha.cplusplus.UninitializedObject
alpha.security.MmapWriteExec
bugprone-copy-constructor-init
bugprone-exception-escape
bugprone-macro-parentheses
bugprone-terminating-continue
bugprone-throw-keyword-missing
bugprone-unused-return-value
bugprone-virtual-near-miss
cert-dcl54-cpp
cert-err09-cpp
cert-fio38-c
cert-msc51-cpp
cplusplus.InnerPointer
optin.cplusplus.VirtualCall

Extreme profile:

Added

alpha.cplusplus.UninitializedObject
alpha.security.MmapWriteExec
bugprone-copy-constructor-init
bugprone-exception-escape
bugprone-macro-parentheses
bugprone-terminating-continue
bugprone-throw-keyword-missing
bugprone-unused-return-value
bugprone-virtual-near-miss
cert-dcl54-cpp
cert-err09-cpp
cert-fio38-c
cert-msc51-cpp
cplusplus.InnerPointer
cppcoreguidelines-narrowing-conversions
misc-unused-parameters
optin.cplusplus.VirtualCall
optin.performance.Padding
security.insecureAPI.bcmp
security.insecureAPI.bcopy
security.insecureAPI.bzero
security.insecureAPI.strcpy

You can get more information about the checkers here and here.

Improvements

Show supported analyzers at cmd checkers #2055
add readthedocs link #2041
introduce readthedocs #1935
add docs as a special route #2052
Gerrit-Jenkins integration is extended #2061
rename passwords json file in the doc #2035
add new mkdocs target to build the documentation #2026
update test documentation #1985
Resurrect --compiler-info-file analyze flag. #2039
[userguide] Disable review status change feature #2002
Travis clang back to 7 #2022
run brew cleanup only in osx in travis #2016
load only files with ".so" extension as a plugin #2014
Run python style tests before test target #2010
Improve web test performance #2004
Keep clang flags #2003
Update travis llvm version #1998
Create pip package from tu-collector #1995
Pip package from plist-to-html #1993
Increase performance of the travis jobs #1991
Add pylint and pycodestyle targets #1952
Add more test targets to the main Makefile #1951
Handle cases when plugin directory does not exist #1946
Use compiler_info.json file in debug scripts #1941
Give better error message on keyerror at package context #1933
Extend version file with git information #1931
Download external dependencies with Makefile #1929
Add example for CodeChecker cmd diff #1927
Tool to create new compiler info files from old ones. #1909
return error in case of wrong checker profile name #2059
create test case for mixed compilation x dependency file case #2050

plist to html tool improvements

Improve plist-to-html sort performance #2037
[plist-to-html] Ordering of reports #1973
[plist-to-html] Link to index.html #1972
[plist-to-html] Sort the reports in ascending order by file path #2054
[plist-to-html] Ordering reports #2028
collect statistics for plist to html parser #1035

Bug Fixes

The skipped flags are skipped in case of Clang too #2062
A compiler doesn't provide an architecture target #2067
fix missing sys import #2064
isystem path was set wrong #2060
fix profile listing on name conflict #2058
handle character decoding problems (locale mismatch) #1770
review status is not set #1647
filter based on detection date without setting the hour value #2048
detection date filter not set from url #2047
plist to html index.html sorting problem #2046
Fix package build #2029
Yet another logger fix #2027
Logging does not preserve escaped quotes #2025
Cleanup database on run remove #2018
Fix travis missing "then" keyword #2017
Refactoring docs #2013
Processing target architecture first in log parser #2008
Fix run_test target #2006
Fix default target call #2000
return an empty string at getting compiler includes #1997
Fix cleaning venv_dev #1996
Compile action contains bot compiler and preprocessor flags #1989
Fix authentication #1988
fix analyzer_statistics module import #1982
Introducing --compile-uniqueing parameter #1965
Fix run_test target #1958
Fix cleanup target #1950
Do not store failed files when using 6.9.0 version #1943
Fix failed source list of analysis statistics #1942
There is no way to jump to a note, like you can to events #1940
fix action list length check #1938
Fix verbosity in build scripts #1936
CodeChecker log generated json can't handle filenames with spaces #1366
Incorrection documentation about "cmd login" #1133

Source repository changes

This release contains many bug fixes and a large amount of source code refactoring.
We started the refactoring to split up the source tree to easier manageable pieces.
The work is not fully finished but we are close.
Separating the main parts will allow us to release and develop them independently in the future.

The main new parts of the restructured repository are:

analyzer (run and configure the supported static analyzers)
- tools/build-logger/ (log compiler invocations during build)
web (web server and client to store/query and manage the reports)
tools (independent tools which are used by the analyzer or web)
- plist_to_html
- tu_collector

You can find more details about the new layout here #1830

Refactoring

Move webserver unit tests under server #1955
allow to set the base wp dir from env variable for tests #1983
Allow to set workspace for web tests #1980
Reduce the number of travis matrices #1975
Cache downloaded binary osx packages on travis #1966
Skip generated files from tests projects in gitignore #1959
use templates to generate html files #2040
Create commands.json for sub-commands #1932
Create package directory #1977
Separate directory for analyzers #1976
call setup.py only in the target #2015
Refactoring web docs #2024
Revert back package build scripts to py2 #1945
remove py3 incompatible uppercase conversion #1923
python3 compatible exception cleanup #1922
Build the package before running functional tests #1954
cleanup make targets with/without virtualenv #2007
merge dev and test virtual environments #2005
Refactoring CONTRIBUTING.md file after split up #2011
Use Makefile to build CodeChecker package #1937
Refactoring generated CodeChecker dependency #1990
Refactoring plist to html #1986
Refactoring config files #1979
Add targets to build analyzer and web separately #1974
Rename libcodechecker to codechecker_common #1968
Remove .noserc from root #1967
Split up source repository #1964
Split up refactoring #1963
Fix CodeChecker version after split up #1962
Get analyzer_statistics module from analyzer #1961
Move some files to webserver common #1960
Split up docs #1956
Create separate contexts for analyzer and server #1953
Split up server/client handling parts #1944
Split up analyzer handling part #1939
Remove psycopg2 from analyzer requirements #1999
Prepare split up #1921
finish logging cleanup #1911
fix pylint old-style class warnings #1917
py3 fix iterator protocol (next method change) #1926
fix dict.items referenced when not iterating py3 #1925
fix dict item was referenced when not iterating py3 #1928
Move analyzer specific test projects under analyzer #1947
Move server related test projects under server #1948

codechecker - v6.9.0

Published by gyorb over 5 years ago

Release 6.9.0

New Features

New "OFF" and "UNAVAILABLE" detection statuses were introduced #1850
Mark a report "OFF" in case the checker is available but it was turned off in a later analysis.
Mark a report "UNAVAILABLE" in case the checker was removed or renamed between different analyzer releases.
They influence the analysis statistics numbers, see the documentation for further details
(diff calculation)
Disable review status change on the WEB UI #1825
Review status changed for a product can be disabled by a product admin.
Improved logging for build systems using ccache #1864
Filter by detection date in command line #1899
CallAndMessageUnInitRefArg was removed from extreme profile #1897
Add run name filter to Codechecker cmd runs command #1849
Report uniqueing arguments in command line #1877
Handle compile errors and analyzer crash separately #1829
New documentation about report identification #1831
Add left/right arrow to the bug steps in the webui #1813
Add extra analyzer flag if the iterator checkers are enabled #1833
Highlight selected event in the generated html report #1893
Announcement banner. #1861

Improvements

Log optimization #1886
Do not convert notes to events #1882
Edit doxygen main page and add images #1884
Ignore encoding errors #1852
Warning when upgrading SQLite database #1858
Update architecture overview #1880
Correct way to convert clang-tidy .rst to .md correctly rendered by CodeChecker #1857
Show link to the ClangTidy site for ClangTidy checks in "Show Docs" #1848
Remove unused analyze arguments from User Guide. #1891
NFC: just sort checker names #1847
Add bugprone-parent-virtual-call check for clang-tidy v7+ #1843
Set user name in the HTTP response header #1828
Unnecessary signal handling in performance test. #1826
Write more info logs at the server #1824
Print statistics on signal #1823
ugrade boost before thrift install #1821
Freeze test requirements and move requirements.txt #1820
New dockerfiles for test environments #1819
Source venv before pycodestyle #1817
Upgrade test environment for clang7 #1816
Initial mkdocs support #1812
Documentation cleanup #1811
Bump up version to 6.9.0 #1809
Constructing config handler is the analyzer classes' responsibility #1788
Modify curl arguments for 3pp downloads #1718
Review sql queries #1700
Contradiction expensive to evaluate #864
Refactoring fail zip #1772
Add stats collector hook #1872
Option parser refactoring #1814
Make ImplicitCompilerInfo's methods static. #1892
Reformat usage guide for mkdocs #1832
Add tooltips to detection status filter items #1907

Bug Fixes

Add clang_analayzer macro to CTU pre analysis #1865
Fix --timeout as clang-sa spawned child processes are not killed now #1844
Tash files are created in cwd by --stats-collect #1881
Whitespace escaping in source path #1871
Fix HTML converter layout file default path #1894
Fix PlistToHTML bug path arrows #1889
Fix escaping in command line arguments #1888
Fix: macros are under diagnosics instead of path #1887
Test OSX Travis #1873
Fix default value of Boolean column at migration #1869
Option parser refactoring broke osx tests #1868
Combobox with False-positive/Intended/... is not shown on last revision #1863
Update postgresql in osx travis ci #1856
Fix running psql test cases #1846
Fix source code comment unicode error #1845
[CTU] Compiler default C++ dialect is not added when generating the PCH files #1838
Fix documentation (markdown syntax and typo) #1810
When many products are added (>30) the product list page takes ~6s to load #1730
If the json file is incorrect formatted, show the impacted file #1665
Fix typo #1896
Fix slow boost build in travis #1822
Fix command line help message #1854
Small fixes found by PyCharm's static analysis #1837
Upload compiler_info.json #1900
Fix storage of analysis statistics test #1901
Store statistics if it contains failed zips #1902
Small log parser fixes. #1903
Enable statistics checkers before workers #1905
Fix password request for cmd #1910
Fix missing space in warning message #1912
Add missing future imports #1913

codechecker - v6.8.1

Published by gyorb almost 6 years ago

Improvements

Select hash generation method #1801
Analyzer report hash generation algorithm can be selected in the command line
Add dates to the run tag list at report filter #1781
New documentation for Gerrit-Jenkins integration #1746
Don't parse command line options for skipped files. #1790
Improve option_parser.py::arg_check to reduce number of regexps compiled #1789
Log invalid LDAP credentials as warnings #1787
Preserve -nostdinc++ in command line, the same as for -nostdinc #1779
Slightly cleaner handling of constructing analyzers #1774
Option to do database migration without user interaction #1769
Print out which product is garbage collected #1767
Online server configuration file reload #1766
Handle SIGTERM to stop the server running. #1762
Remove trivial properties. Rename some files. #1759
Add missing python requirement. #1756
Add logo files #1750
Skip '-Xclang ' at argument parsing #1744
Add .editorconfig file #1697

Bug Fixes

GUI Bug bug path numbering #1806
--force argument for store does not work #1802
Hash generation failed because of decoding error #1800
Bug fix: if there is an issue present, parse_output_parser.py #1799
Multiple configuration option for the same checker #1791
Check that the given product exist at server #1786
Fix long line #1785
Fix exception message printing at server #1784
Break long lines at cmd analyze and check commands #1783
Convert relative include paths to absolute #1782
Fix scrolling at Bug List data grid #1780
Add missing images to user guide #1776
Remove lock file at the end of logging #1773
Fix profileit function #1768
Fix storing check command #1764
Fix instance manager file lock #1763
Fix plist to html parser #1758
Fix non breakable space character #1754
Slugify run name when storing analysis statistics #1753
Fix plist to html converter missing severity #1751
Fix run tab change #1748
Increase performance of loading products #1740
check command's -c flag should remove the report directory #1646
Fix SQL query #1808

codechecker - v6.8.0

Published by dkrupp about 6 years ago

New features

Command line features

#1635 Comparison of report directories from the command line (without database)
Example: CodeChecker cmd diff -b /path/to/report_dir_base -n /path/to/report_dir_new --new

Analysis Related features

#1654 Fine grain control of warnings
It will be possible to enable/disable clang warnings one-by-one. Example: CodeChecker analyze
/path/to/build.log -o /path/to/output/dir --enable Wunused --disable Wno-unused-parameter
Allow to set Clang Static Analyzer and Tidy checker options from CodeChecker command line See ticket (2018-Q3)
#1703 Analyzer Configuration It is supported to set all clang-tidy and clang static analyzer parameters such as -analyzer-inline-max-stack-depth, - analyzer-max-loop through configuration files. For details see pull request.
#1728 Configuration of Statistical Checkers
It will be possible to configure the significanceRatio and the minimumSampleCount for the statistical checkers:
alpha.ericsson.statisticsbased.SpecialReturnValue, alpha.ericsson.statisticsbased.UncheckedReturnValue. See issue.
#1720 Default C/C++ standard auto-detection
Detect automatically which C/C++ standard was used for compilation by gcc and pass the relevant option to Clang (e.g. -std=c++11) . See issue.

Web UI features

#1675 Filter reports by report hash
It will be possible to filter findings on the WEB GUI and command line based on bug hash. For details see pull request.
#1686 Filters for the checker statics page in WEB UI
Extended filters will be added to the statistics page. For details see pull request.
Possibility to delete reports based on filters in the WEB UI
#1624 Management (edit/add/delete) source code component definitions in the WEB UI
#1721 Upload Analyzer Statistics to the central server
For each analysis run, the following statistics is collected and uploaded to the central server and shown for all runs (and also in the run history): files that were successfully analyzed or analyze with failiure, CodeChecker version used for analysis, clang version used for analysis.

Bug Fixes

#1737 handle missing documentation file
#1736 Increase API version
#1735 fine tune error logs
#1734 Renaming statistical test file to cpp
#1733 Fixing exception when shutting down server process
#1732 Making the test server start synchronous
#1731 Fixing the make file
#1728 New configuration options for statistical counting
#1727 Hide Remove filtered reports button
#1726 Fix some JS and python alerts
#1723 calculate bug path length at store (schema change)
#1722 Zombie processes remain on analysis interruption
#1719 Query reports only when shown.
#1717 improve error handling for packaging
#1716 update dojotoolkit link for download
#1715 change component filtering behavior
#1714 Introducing clang-tidy config options file on the command line interface.
#1713 Print statistics at the end of parse command
#1712 Describe new features of v6.8
#1711 Removing run reports in chunks Kind: Bugfix Target: Server
#1710 Add new checker profile: portability
#1708 Fix JavaScript old browser compatibility
#1707 Fix long line in failure_lib.py
#1706 Update web userguide
#1705 Fixed Spelling.
#1703 add checker and analyzer configuration documentation
#1702 Fix checker name filter Kind: Bugfix Target: WebGUI
#1701 Pass severity map dictionary instead of the file
#1699 Encode html entities in PlistToHtml parser
#1695 Handle invalid json files Kind: Bugfix
#1694 increase scan-build version for osx install
#1690 Fix confirmed bug icon at Checker statistics page
#1689 restructure python requirements files
#1685 Fasten tests Kind: Bugfix
#1682 Extend filter text input field hint with example
#1681 Set default severity level for compiler warnings
#1680 Enable -Wall and -Wextra warnings by default
#1679 Multiline messages are displayed properly
#1678 Set default filter values at Checker statistics
#1677 Fix CTU test
#1676 Fix utf8 error at diff when generating html output
#1675 Filter reports by report hash at the command line
#1672 Ignore target dependent -mabi compiler option.
#1670 Call getSeverityCounts correctly
#1669 Fix compiler warning test cases
#1668 sysroot parameter can be given multiple ways
#1667 Update group field of the users tokens on login
#1664 Filter results by report hash on the GUI Kind: Enhancement Target: WebGUI
#1663 Plist to html browser support
add .envrc to gitignore Kind: Usability
#1662 add .envrc to gitignore Kind: Usability
#1660 Allow more product endpoint names to be valid Kind: Enhancement Target: Server
#1658 Fix tidy output converter
#1657 rename compile log file name in the bitbake example
#1655 Set file path after items are added to bug tree
#1650 Use valid license name
#1648 Summarize results for source files at parse cmd
#1645 Add statistics checkers' flags to CodeChecker check sub-command
#1644 Minor fix in documentation
#1641 Fix non existing report in the GUI
#1640 Distinguish BuildAction objects on original build command

codechecker - v6.7.1

Published by gyorb over 6 years ago

Bug Fixes

Open file with universal line endings #1631, #1625
Fix tidy fixit parsing #1620
Fix get report data while generating HTML reports #1610
Fix AttributeError: 'Namespace' object has no attribute 'skip_file' #1607
Filter values are removed when switching tabs #1603
Filter run history based on the selected run filter #1602
Fix source component filter and add more tests #1600
Fix removing source component #1597
Fix source component filter query in pgsql #1595
Fix getProducts API function to do exact match #1594
Fix userguide #1590
Locale compare and Diff view shows different results #1432
Review status hover on last element on table flows outside viewport #1385
Fix run history tab value in the URL on show event #1634

Improvements

Handle yet another unknown GCC flag (-mfloat-gprs=double) #1618
Increase performance of the UI #1613
Handle gcc-toolchain flag #1605
Support source component filter in the command line #1596
Update web userguide #1593
Show detection status dates in tool tip #1592
Create a new tab on the UI for change logs #1591
Prevent review status tool tip from closing if unhovered by click #1507
Redirect user to the desired page once the login process is completed #1504
Show the number of products in the tab #1394
Clicking on username in GUI header should show product permissions if product is open #1390

Changes

Taking out checks from the sensitive profile #1629
- cppcoreguidelines-no-malloc
- cppcoreguidelines-owning-memory
- cppcoreguidelines-pro-type-reinterpret-cast
- google-build-using-namespace
Severity level of google-build-using-namespace was changed to style #1629
Severity level of misc-redundant-expression was changed to medium #1627
Remove the build output from the build action hash. #1601
Fine tune log levels and db status logging #1633

Other

Change file format from dos to unix #1626
Tidy test updates (v6 outputs and Makefile) #1623
Enable verbose log in analyze tests #1622

codechecker - v6.7.0

Published by gyorb over 6 years ago

Report counting

Report counting was reviewed to give a consistent view in the
command line and at the web UI. The default views (without uniqueing)
shows the reports as they were found by the analyzers.

Consistent report/bug counting #1443 #1449 #1541

Support Clang v6

Some of the Clang6 checker severity levels were not classified #1568 #1557
Upgrade the checker profiles for Clang6 #1538

CTU on-the-fly

CTU can still work by dumping the AST to the disk. The on-the-fly option
managed the ASTs in memory.

Removing on-the-fly CTU functionality as it is not supported by Clang6 #1552

Checker renaming in Clang-tidy v6

Support for Clang-tidy 6 renamed checkers #1548

misc-assert-side-effect -> bugprone-assert-side-effect
misc-argument-comment -> bugprone-argument-comment
misc-bool-pointer-implicit-conversion -> bugprone-bool-pointer-implicit-conversion
misc-dangling-handle -> bugprone-dangling-handle
misc-fold-init-type -> bugprone-fold-init-type
misc-forward-declaration-namespace -> bugprone-forward-declaration-namespace
misc-inaccurate-erase -> bugprone-inaccurate-erase
misc-move-forwarding-reference -> bugprone-move-forwarding-reference
misc-multiple-statement-macro -> bugprone-multiple-statement-macro
misc-string-constructor -> bugprone-string-constructor
misc-use-after-move -> bugprone-use-after-move
misc-implicit-cast-in-loop -> performance-implicit-conversion-in-loop
misc-inefficient-algorithm -> performance-inefficient-algorithm
misc-move-const-arg -> performance-move-const-arg
misc-move-constructor-init -> performance-move-constructor-init
misc-noexcept-move-constructor -> performance-noexcept-move-constructor
readability-implicit-bool-cast -> readability-implicit-bool-conversion

New features/improvements

Component filters #846
It should be possible to diff two different tagged versions of the same run #1346
Generate index.html file by using PlistToHTML #1558
Review status C style comment format #1551
Skip duplicate reports when generating HTML output #1556
Enable passwordless token based authentication #1462
Getting the run results by providing the version tag #1496
Create separate filter options for cmd line #1497
Give better message when source files are missing #1537
Allow more product endpoint names to be valid #1530
LDAP hardening and tests #1305
List out version tag in command line #1485
List out latest version tag at runs command #1486
Show full file path in CodeChecker parse ouptut #1559
Handle more gcc/g++ arguments #1550
Command line header deduplication #1512
Improved relative path handling in the compile json #1553
Extend build command escaping in the logger #1506
Add -analyzer-config notes-as-events=true to the clang flags which will convert notes to events #1518
Skip compiler dependency generation actions from analysis #1488
bugprone-misplaced-operator-in-strlen-in-alloc checker added to severity map #1560
Adding static HTML output generation to the HOWTO. #1588

UI

Checks if no username supplied at login #1571
Show admins for each product #1474
Show bug path length for a report in bug report selection (left-hand, dropdown) #1505
Add check command to run history #1454
Extend html report information with checker name and severity #1546
Create tooltips for report table columns #1582
Detection status viewing and filtering together with uniqueing #1337
Show tooltip by hovering on unique checkbox label #1576
New column id in index.html at plistToHtml parser #1579
Unified report filter #1444 #1510
Highlight occurences of the selected text #1516
Clickable 'Entered call from' #508
Bug tooltip "Review status" should say what the icon means #1549
New detection date filter values #1437
New report count and uniqueing style on the UI #1586

Changes

Using NullPool for database connections #1584
Disable detection status if uniqueing is enabled #1513
Fix documentation #1583
Refactor list of products page #1489
Change analysis statistics total message #1499

Bug fixes

Skip reports at store #1566 #1575
Click on run history jumps to wrong tab #1392
Use file path from main section at plist-to-html #1573
Initialize run filters with the correct values #1577 #1580
Set default filter values on run history click #1574
Fix filtering based on detection dates #1569 #1567
Fix UI filter tooltip toggling items #1561
Command line diff does not do deduplication #1465
Allow html output only for diff and results at cmd #1515
Inline //codechecker_suppress comment is ineffective in static html output #1423
Apply ignore first, and ignore -flto flag. #1524
Fix non existing filter member #1540
Diff mode run history #1481
Change server startup timing for the tests #1535
"unsupported operand type(s)" when using a skipfile #1529
Ranges associated with issues are not highlighted #1514
Fix UI file path filter for run results #1521
In-line suppression is not considered by the parse command #1484
Do not highlight last bug path message if not absolutely last #1395
Do not use globals at bug filter view #1494
Fix review status comment typo handling #1547

Other

Bump up version to 6.7.0 #1498
Update readme with animation gif demo #1544
Split up analyze and parse tests #1406

codechecker - v6.6.0

Published by gyorb over 6 years ago

New features/Improvements

Support for Statistical Checkers (Experimental feature) #805
Multiple source code suppression comment format #1429
Handle more compiler flags unknown to clang #1431
Load run history asynchronously on the WebGUI #1472
Improve performance of bug path draw #1435
Extend product listing page with new fields #1364
Trim leading path from stored file paths #1411
Introduce a per product configurable run limit #1410
Improve user session handling at the server #1458
Improve api mismatch errors #1456
Product admins are able to nominate other users as product admins #1373
Rename file filter on the WebGUI #1438
Refactoring report filter UI #1401
Move thrift client call wrapper to a separate module #1448
User permission save error log improvement #1397
Adding report counting description the howto #1476
Exclude build actions which would compile a header file #1480
Fine tune statistics collectors ratio interval #1479
Skip linking action from compilation_database #1436

Changes

Remove BufferOverlap checker from the sensitive profile #1477

Bug fixes

CodeChecker check -o -c (clean switch) was ineffective #1421
Filter cmd line checker statistics #1416
Use consistent run name filter at cmd line #1417
Fix server product list mismatch in multi server #1471
Check command popup stick to right on the WebGUI #1393
If the run filter is cleaned it did not list the reports from all of the runs #1409
Checker name filter is not selected by clicking on a checker name in the statistics view #1347
In diff mode bug viewer cannot be opened #1466
Reset diff type filter items on change #1473
Build action map is created twice for pre analysis phase #1420
Fix thrift call wrapper host, port #1467
Fix errors found by pylint #1447
Fix diff type filter label #1439
Fix dependency gen problem in xerces #1419
Handle thrift error with fail callback on the WebGUI #1407
Server startup can be slow due to long dangling file garbage collection #1261
Support old suppress comment format files #1478

codechecker - v6.5.1

Published by gyorb over 6 years ago

Changes

Apply bug event and point to report id index #1377
Improve run deletion (session/synchronize) #1374
Set sqlalchemy pool size #1391
Sanity check for result storage and file content change #1320
At least one report directory should be mandatory for parse command #1343
Improve storage (severity handling) #1375
Order reports in the file view left hand pane by line #1358
Review status reason dialog should accept ENTER as submit if nothing is entered into textarea #1354
Update to Codemirror v5.25.0 #1355
Update to Jsplumb v2.2.0 #1380
Remove Google fonts #1381
Print the log level name by default #1370

Bug fixes

Clicking on a report in unique mode in bug overview not the selected report is shown #1365
Fix browser compatibility #1356
Suppress file import fails #1388
Pressing ESC in the review status reason window bolds the wrong status #1357
Regex printed weird into file filter selector but works right #1352
fix import in profiler and change output format #1376

codechecker - v6.5

Published by gyorb over 6 years ago

New features/Improvements

Web UI

Add regex based file filter in "all reports" tab and enable "select all files matching regex" #1162
Enable multiple selections of run name regex filters in all reports #1165
Remove review comment column from the bug list #1302

Command line

Extend command line filters with detection and review status #1312
Validate filter values in the command line #1345
Add total section for command line summary #1328
Support regex expressions for the run names in the command line #1322

Analyzers

Reanalyze without ctu on ctu failure (new command line argument --ctu-reanalyze-on-failure) #1297
Handle more Clang 5.0 unknown argument errors #1294
Use arch of the analyzer machine instead of the original one. #1308
Add a watcher to kill stuck jobs if analysis takes too much time (new argument --timeout) #1168

Server

Share user sessions through the database #1172
Prevent concurrent storage of the same run name from multiple shared servers #1138
Introduce storage limitations (run count) #1187
Do not limit run count for the server by default #1315

Documentation

User guide for using CodeChecker with BitBake #1329
Improvements to false positive guide. #1292
Fix the daily analysis integration template script always saying there are new bugs #1299

Changes

Improved logging #1048
Refactor plist to plaintext formatting (parse) #1334
Explicitly show version information in the build script output #1300
Add better diagnostics for ctu tests in case of failure #1298
Remove critical log from massStoreRun #1339
Remove soft session lifetime completely #1344

Bugfixes

Fix clicking on a uniqued bug #1330
Fix product editing #1310
Fix python-ldap not throwing exception on anonymous binds when it should #1296
Fix log format #1341
Remove the default log level #1338
Handle non existing session config file #1318
Fix logger initialization #1316
Fix typo of argument name resulting in name error #1317
Fix setup logger for command line #1314
Fix ctu_failure test not removing its test folder #1303
Disable plist update on plist parsing unit tests #1293
Remove run history by removing a run #1332
In diff view the bug path tree is not shown when viewing a report #1275
The current working directory may not exist. (debug tools) #1309

codechecker - v6.4

Published by gyorb almost 7 years ago

New features

Show bug path length column in Bug overview GUI #1209

Fixes

WebServer/GUI

Bug steps disappears when switching arrows on/off #1243
Highlight the actual bug step #1244
Fix shown reports in run history view #1264
Remove outdated bug paths from run results if the bug remains in run #1155
Fix run history tag count query #1283

Analysis

-idirafter gcc argument is not forwarded to clang analyzer #1267
Fix analysis performance degradation on 2.6.32 and older kernels. Use manager to share data between processes #1276
-Werror flag is removed from clang sa/clang tidy invocation #1279
alpha.cpluscplus.IteratorRange was remove from all checker profiles as the checker is unstable #1255

Command line client

cmd diff -o html does not work if -n is a report directory #1277
Use the proper environment for db operations otherwise db upgrade may fail #1251
Fix get diff hashes for new bugs #1259
Fix of diff command failure in case of sqlite database and large queries #1281

Improvements

Add session related comments to massStoreRun #1263

Package Rankings

Top 6.91% on Pypi.org

Top 8.17% on Proxy.golang.org

Top 8.57% on Npmjs.org

Top 25.97% on Conda-forge.org