Re: First sonar static analysis results

Luca Muscariello


is the integration made from the github mirror or directly from gerrit?
We are using coverity for hicn but I agree that sonar cloud looks way better.

I'd love to test for hicn.


On Thu, Mar 26, 2020 at 8:37 PM Dave Barach via Lists.Fd.Io <> wrote:

As with Coverity, Sonar seems primed to bitch about a set of things which aren't real. For example:

   vlib_buffer_advance (b0, -sizeof(ip_header_t));


#define DEBUG_FOO 0

if (DEBUG_FOO > 0)

The UI is nice, the workflow isn't awful, and the tool runs reasonably fast.

Thanks to Eric Ball for walking me through the process. I'll write it up in detail for our CI folks.


Join to automatically receive all group messages.