From Fedora Project Wiki

(initial page creation)
 
Line 24: Line 24:
=== Static Code Analysis tools already in Fedora ===
=== Static Code Analysis tools already in Fedora ===
TODO
TODO
* [http://gcc.gnu.org/ gcc] - arguably we should pay more attention to the compiler warnings that gcc already generates: sometimes it's correctly pointing out a bug.
* [http://clang-analyzer.llvm.org/ clang static analyzer]
* [https://gcc-python-plugin.readthedocs.org/en/latest/cpychecker.html cpychecker] (part of gcc-python-plugin)
* [http://www.dwheeler.com/flawfinder/ flawfinder] (that page has a great list of links to other static analysis tools)


=== Package Want List ===
=== Package Want List ===

Revision as of 18:52, 14 December 2012

Fedora Static Analysis Special Interest Group (SIG)

(Note that this SIG is merely tentative for now)

Goal and Scope

TBD

dmalcolm is interested in making it easy to run static code analysis tools on all of Fedora, and having a sane system for getting useful information from the firehose of data that doing so is likely to generate. See http://lists.fedoraproject.org/pipermail/devel/2012-December/175232.html

See also the Formal Methods SIG with which there's clearly an overlap.

Mission and Plan

TBD

Members

Communication

TBD; Fedora's main devel list for now

Tasks

TODO

Static Code Analysis tools already in Fedora

TODO

  • gcc - arguably we should pay more attention to the compiler warnings that gcc already generates: sometimes it's correctly pointing out a bug.
  • clang static analyzer
  • cpychecker (part of gcc-python-plugin)
  • flawfinder (that page has a great list of links to other static analysis tools)

Package Want List

TODO