greenc-FNAL commented Nov 19, 2025
- feature: Add GCC static analyzer workflow
- feat: Modernize gcc-analyzer-check workflow
This commit introduces a new GitHub Actions workflow to build the project with the GCC static analyzer enabled. This provides a valuable second opinion on code quality and helps ensure compatibility with both Clang and GCC, complementing the existing clang-tidy checks. The implementation follows the project's established conventions by:
- Adding a new `ENABLE_GCC_ANALYZER` option to the CMake configuration.
- Encapsulating the analyzer logic in a dedicated CMake module, `Modules/private/EnableGccAnalyzer.cmake`.
- Creating a new workflow file, `.github/workflows/gcc-analyzer-check.yaml`, that leverages the project's reusable actions for a consistent CI setup.

Brings the `gcc-analyzer-check.yaml` workflow up to date with practices in other workflows.
- Pins the `actions/checkout` action to a specific commit hash for security and reproducibility.
- Uses the `@main` branch reference for reusable actions to prevent executing un-reviewed code from a pull request.
- Sets explicit, minimal `permissions` for each job to follow the principle of least privilege.
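The three hardening points in the commit message above can be checked mechanically. The following is an added example, not code from this pull request or the project: a small line-based audit that flags `uses:` references not pinned to a full commit SHA and jobs without an explicit `permissions` block. The sample workflow, the `example-org/` owner prefix treated as first-party (allowed to use `@main`), and the placeholder SHA are all assumptions.

```python
import re

# Constructed sample workflow, not the project's file; the SHA is a placeholder.
SAMPLE = """\
name: gcc-analyzer-check
on: [pull_request]
jobs:
  analyze:
    runs-on: ubuntu-latest
    permissions:
      contents: read
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567
      - uses: example-org/example-repo/.github/actions/setup@main
      - uses: actions/upload-artifact@v4
  report:
    runs-on: ubuntu-latest
    steps:
      - uses: ./.github/actions/local
"""

USES = re.compile(r"^\s*(?:-\s*)?uses:\s*([^\s#]+)")
JOB = re.compile(r"^  ([A-Za-z0-9_-]+):\s*$")  # job ids: two-space indent under jobs:
SHA = re.compile(r"[0-9a-f]{40}")

def audit(text, first_party=("example-org/",)):
    """Return (line, message) findings; line 0 marks a job-level finding."""
    findings, in_jobs, job, perms = [], False, None, {}
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if not line.startswith(" "):            # a top-level key
            in_jobs, job = line.startswith("jobs:"), None
            continue
        if not in_jobs:
            continue
        if m := JOB.match(line):
            job = m.group(1)
            perms[job] = False
        elif job and line.startswith("    permissions:"):
            perms[job] = True
        elif m := USES.match(line):
            name, _, rev = m.group(1).partition("@")
            local = name.startswith(("./", "docker://"))
            trusted_branch = rev == "main" and name.startswith(first_party)
            if not (local or SHA.fullmatch(rev) or trusted_branch):
                findings.append((n, f"unpinned action: {m.group(1)}"))
    findings += [(0, f"job '{j}' has no explicit permissions")
                 for j, ok in perms.items() if not ok]
    return findings
```

The parser assumes two-space YAML indentation and unquoted `uses:` values; a workflow-level `permissions` block is deliberately not counted, since the commit sets permissions per job.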
Codecov Report
✅ All modified and coverable lines are covered by tests.
@@ Coverage Diff @@
## main #125 +/- ##
==========================================
- Coverage 80.31% 80.15% -0.16%
==========================================
Files 115 115
Lines 1910 1910
Branches 302 302
==========================================
- Hits 1534 1531 -3
- Misses 247 249 +2
- Partials 129 130 +1
@greenc-FNAL, I'm sorry to say that I don't think we can include this check in our list of checks. At the top of https://gcc.gnu.org/wiki/StaticAnalyzer:
I think we'll need to rely on