Static code analysis is an important component of all modern projects. Even more important is its correct application. We decided to organize a regular check of some open source projects to see the effect of frequent running of the analyzer. We use the PVS-Studio analyzer to check projects, and we will view the results using SonarQube. So our subscribers will learn about new interesting bugs in the code we just wrote. We think it will be funny.
- ? , , , "" , , , . , , , , . — : , . , , , . – .
, , , . , – . , , . , , (, ).
open source – , ( ) . , — , , , – . - , Twitter.
, , open source .
Blender. , .
c PVS-Studio – SonarQube. : SonarQube, .
SonarQube
PVS-Studio : , , , . , PVS-Studio, SonarQube.
. . SonarQube . , PostgreSQL. .
PostgreSQL
CREATE USER sonar WITH PASSWORD '12345';
pgAdmin. sonarqube CREATE DATABASE, :
CREATE DATABASE sonarqube OWNER sonar;
, SonarQube.
SonarQube
SonarQube. . . C:\sonarqube\sonarqube-8.5.1.38104.
C:\sonarqube\sonarqube-8.5.1.38104\conf\sonar.properties. :
sonar.jdbc.username=sonar
sonar.jdbc.password=12345
sonar.jdbc.url=jdbc:postgresql://localhost/sonarqube
SonarQube . PVS-Studio. , PVS-Studio, C:\Program Files (x86)\PVS-Studio. sonar-pvs-studio-plugin.jar. SonarQube C:\sonarqube\sonarqube-8.5.1.38104\extensions\plugins. sonar-cxx-plugin, . sonar-cxx-plugin-1.3.2.1853.jar. C:\sonarqube\sonarqube-8.5.1.38104\extensions\plugins.
SonarQube, C:\sonarqube\sonarqube-8.5.1.38104\bin\windows-x86-64\StartSonar.bat.
web-. sonarServer:9000, sonarServer — , SonarQube.
Quality Profile
(quality profile) — SonarQube, . PVS-Studio , , - , . SonarQube .
Quality Profile, Quality Profiles Create, .
( ), PVS-Studio Way, – C++. Create.
Rules, Repository PVS-Studio C++. Bulk Change Activate In, , PVS-Studio Way.
SonarQube .
PVS-Studio.
:
git clone https://github.com/blender/blender.git
:
make.bat full nobuild
, build_windows_Full_x64_vc15_Release\INSTALL.vcxproj.
"c:\\Program Files (x86)\\PVS-Studio\\PVS-Studio_Cmd.exe" \
-t build_windows_Full_x64_vc15_Release\\Blender.sln \
-o blender.plog --sonarqubedata -r
blender.plog sonar-project.properties, SonarQube. sonar-scanner.
Sonar scanner
. , , , D:\sonar\sonar-scanner-4.5.0.2216-windows. D:\sonar\sonar-scanner-4.5.0.2216-windows\conf\sonar-scanner.properties, :
sonar.host.url=http://sonarServer:9000
sonarServer – , SonarQube.
:
D:\sonar\sonar-scanner-4.5.0.2216-windows\sonar-scanner.bat \
-Dsonar.projectKey=blender -Dsonar.projectName=blender \
-Dsonar.projectVersion=1.0 \
-Dsonar.pvs-studio.reportPath=blender.plog
, (blender.plog sonar-project.properties).
Continuous Integration , , Jenkins.
, . , open source "" , open source . , – , , .
, : Evgeniy Ovsyannikov. Just for Fun: PVS-Studio Team Came Up With Monitoring Quality of Some Open Source Projects.