From 524fad42e1ac21a50411481a8182f2bac6d22c4a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luis=20D=C3=ADaz=20M=C3=A1s?= Date: Sun, 12 Dec 2021 22:20:53 +0100 Subject: [PATCH 1/9] Remove useless ops --- src/types.cpp | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/types.cpp b/src/types.cpp index dc7981a9..f5c08c02 100644 --- a/src/types.cpp +++ b/src/types.cpp @@ -163,8 +163,6 @@ namespace Exiv2 { { if (size > size_) { delete[] pData_; - pData_ = nullptr; - size_ = 0; pData_ = new byte[size]; size_ = size; } From fec91a97f4d90100355cedf0bc79a0ceef8aa0b6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luis=20D=C3=ADaz=20M=C3=A1s?= Date: Sun, 12 Dec 2021 22:21:42 +0100 Subject: [PATCH 2/9] add doc pvs studio --- .pvsconfig | 1 + doc/readme-pvs-studio.md | 25 +++++++++++++++++++++++++ 2 files changed, 26 insertions(+) create mode 100644 .pvsconfig create mode 100644 doc/readme-pvs-studio.md diff --git a/.pvsconfig b/.pvsconfig new file mode 100644 index 00000000..9a56d491 --- /dev/null +++ b/.pvsconfig @@ -0,0 +1 @@ +//-V::1042 diff --git a/doc/readme-pvs-studio.md b/doc/readme-pvs-studio.md new file mode 100644 index 00000000..22bc208e --- /dev/null +++ b/doc/readme-pvs-studio.md @@ -0,0 +1,25 @@ +# How to integrate PVS-Studio + +We obtained a free license of PVS-Studio due to the open source nature of Exiv2. + +## CMake integration + +To check a project configured with CMake, such as Exiv2, we need to generate the JSON compilation database. + +```bash +# Under an already configured "buildXXX" directory +cd buildXXX +cmake -DCMAKE_EXPORT_COMPILE_COMMANDS=ON ... + +# Output file: compile_commands.json +``` + +The analysis starts with the following commands: + +```bash +export PVS_LICENSE=~/.config/PVS-Studio/PVS-Studio.lic +pvs-studio-analyzer analyze -l $PVS_LICENSE -o pvsStudio.log -j8 +plog-converter -a GA:1,2 -t tasklist pvsStudio.log -o pvsStudio.tasks +plog-converter -a GA:1,2 -t fullhtml pvsStudio.log -o pvsReportHtml +log-converter -a GA:1,2 -d V1042 -t fullhtml pvsStudio.log -o pvsReportHtml +``` \ No newline at end of file From 942d8669791a1c125bb1d1df55d9bde7a5f92785 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luis=20D=C3=ADaz=20M=C3=A1s?= Date: Thu, 27 Jan 2022 17:50:41 +0100 Subject: [PATCH 3/9] Add PVS-Studio to a Github action --- .../workflows/on_PR_linux_special_builds.yml | 63 ++++++++++++++++++- doc/readme-pvs-studio.md | 6 +- 2 files changed, 65 insertions(+), 4 deletions(-) diff --git a/.github/workflows/on_PR_linux_special_builds.yml b/.github/workflows/on_PR_linux_special_builds.yml index 092f8a4d..740c03b4 100644 --- a/.github/workflows/on_PR_linux_special_builds.yml +++ b/.github/workflows/on_PR_linux_special_builds.yml @@ -150,7 +150,7 @@ jobs: ctest --output-on-failure special_allEnabled: - name: 'Ubuntu 20.04 - GCC - All Options Enabled' + name: 'Ubuntu 20.04 - GCC - All Options Enabled + Documentation' runs-on: ubuntu-latest steps: @@ -196,3 +196,64 @@ jobs: - name: Generate documentation run: | make doc + + special_pvsStudio: + name: 'Ubuntu 20.04 - GCC - Static Analyzer: PVS-Studio' + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + with: + fetch-depth: 2 + # Trying to deal with warning: -> Issue detecting commit SHA. Please run actions/checkout with fetch-depth > 1 or set to 0 + + - name: install dependencies + run: | + pip3 install conan==1.43.0 + sudo add-apt-repository ppa:ubuntu-lxc/daily -y + wget -q -O - https://files.pvs-studio.com/etc/pubkey.txt |sudo apt-key add - + sudo wget -O /etc/apt/sources.list.d/viva64.list https://files.pvs-studio.com/etc/viva64.list + sudo apt-get update -qq + sudo apt-get install -qq pvs-studio + + - name: Conan common config + run: | + conan profile new --detect default + conan profile update settings.compiler.libcxx=libstdc++11 default + + - name: Run Conan + run: | + mkdir build && cd build + conan profile list + conan profile show default + conan install .. -o webready=True --build missing + + - name: Configure + run: | + cd build && \ + cmake -DCMAKE_BUILD_TYPE=Debug \ + -DBUILD_SHARED_LIBS=ON \ + -DEXIV2_ENABLE_PNG=ON \ + -DEXIV2_ENABLE_WEBREADY=ON \ + -DEXIV2_ENABLE_CURL=ON \ + -DEXIV2_BUILD_UNIT_TESTS=ON \ + -DEXIV2_ENABLE_BMFF=ON \ + -DEXIV2_TEAM_WARNINGS_AS_ERRORS=ON \ + -DBUILD_WITH_COVERAGE=ON \ + -DCMAKE_INSTALL_PREFIX=install \ + -DCMAKE_EXPORT_COMPILE_COMMANDS=ON \ + .. \ + + - name: Static Analysis + run: | + pvs-studio-analyzer credentials $PVS_USERNAME $PVS_KEY -o PVS_license.lic + pvs-studio-analyzer analyze -l PVS_license.lic -o pvsStudio.log -j4 + plog-converter -a GA:1,2 -d V1042 -t fullhtml pvsStudio.log -o pvsReportHtml + + - uses: actions/upload-artifact@v2 + with: + name: static_analysis + path: pvsReportHtml + retention-days: 30 + + diff --git a/doc/readme-pvs-studio.md b/doc/readme-pvs-studio.md index 22bc208e..456b6ed6 100644 --- a/doc/readme-pvs-studio.md +++ b/doc/readme-pvs-studio.md @@ -11,7 +11,7 @@ To check a project configured with CMake, such as Exiv2, we need to generate the cd buildXXX cmake -DCMAKE_EXPORT_COMPILE_COMMANDS=ON ... -# Output file: compile_commands.json +# Once the CMake configuration is done, we should obtain a output file 'compile_commands.json' ``` The analysis starts with the following commands: @@ -21,5 +21,5 @@ export PVS_LICENSE=~/.config/PVS-Studio/PVS-Studio.lic pvs-studio-analyzer analyze -l $PVS_LICENSE -o pvsStudio.log -j8 plog-converter -a GA:1,2 -t tasklist pvsStudio.log -o pvsStudio.tasks plog-converter -a GA:1,2 -t fullhtml pvsStudio.log -o pvsReportHtml -log-converter -a GA:1,2 -d V1042 -t fullhtml pvsStudio.log -o pvsReportHtml -``` \ No newline at end of file +plog-converter -a GA:1,2 -d V1042 -t fullhtml pvsStudio.log -o pvsReportHtml +``` From 928d8ee6367c07d39e2cfc1dc00680e8132c9862 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luis=20D=C3=ADaz=20M=C3=A1s?= Date: Thu, 27 Jan 2022 17:56:09 +0100 Subject: [PATCH 4/9] Allow to run special builds with manual dispatch --- .github/workflows/on_PR_linux_special_builds.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/on_PR_linux_special_builds.yml b/.github/workflows/on_PR_linux_special_builds.yml index 740c03b4..f4043bea 100644 --- a/.github/workflows/on_PR_linux_special_builds.yml +++ b/.github/workflows/on_PR_linux_special_builds.yml @@ -1,6 +1,8 @@ name: On PRs - Linux Special Builds -on: [pull_request] +on: + workflow_dispatch: + pull_request: jobs: special_debugRelease: From d0beefc69c721e8f0ccaf21355ab403057e99c74 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luis=20D=C3=ADaz=20M=C3=A1s?= Date: Thu, 27 Jan 2022 18:11:49 +0100 Subject: [PATCH 5/9] Extracting secrets from github --- .github/workflows/on_PR_linux_special_builds.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/on_PR_linux_special_builds.yml b/.github/workflows/on_PR_linux_special_builds.yml index f4043bea..a95e6429 100644 --- a/.github/workflows/on_PR_linux_special_builds.yml +++ b/.github/workflows/on_PR_linux_special_builds.yml @@ -247,6 +247,9 @@ jobs: .. \ - name: Static Analysis + env: + PVS_USERNAME: ${{ secrets.PVS_USERNAME }} + PVS_KEY: ${{ secrets.PVS_KEY }} run: | pvs-studio-analyzer credentials $PVS_USERNAME $PVS_KEY -o PVS_license.lic pvs-studio-analyzer analyze -l PVS_license.lic -o pvsStudio.log -j4 From 41d010cb08d225550de934b722c3fe9979300423 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luis=20D=C3=ADaz=20M=C3=A1s?= Date: Thu, 27 Jan 2022 18:49:28 +0100 Subject: [PATCH 6/9] Run pvs-studio from build directorin where json file is --- .github/workflows/on_PR_linux_special_builds.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/on_PR_linux_special_builds.yml b/.github/workflows/on_PR_linux_special_builds.yml index a95e6429..39bd5cb9 100644 --- a/.github/workflows/on_PR_linux_special_builds.yml +++ b/.github/workflows/on_PR_linux_special_builds.yml @@ -251,6 +251,7 @@ jobs: PVS_USERNAME: ${{ secrets.PVS_USERNAME }} PVS_KEY: ${{ secrets.PVS_KEY }} run: | + cd build pvs-studio-analyzer credentials $PVS_USERNAME $PVS_KEY -o PVS_license.lic pvs-studio-analyzer analyze -l PVS_license.lic -o pvsStudio.log -j4 plog-converter -a GA:1,2 -d V1042 -t fullhtml pvsStudio.log -o pvsReportHtml @@ -258,7 +259,7 @@ jobs: - uses: actions/upload-artifact@v2 with: name: static_analysis - path: pvsReportHtml + path: build/pvsReportHtml retention-days: 30 From 6f2d5c651995d1b8004186f101139242b013d5fc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luis=20D=C3=ADaz=20M=C3=A1s?= Date: Thu, 27 Jan 2022 19:22:08 +0100 Subject: [PATCH 7/9] Reduce retention days to 7 I did this change because I saw the following warning on the Github Actions page: "Retention days is greater than the max value allowed by the repository setting, reduce retention to 7 days" --- .github/workflows/on_PR_linux_special_builds.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/on_PR_linux_special_builds.yml b/.github/workflows/on_PR_linux_special_builds.yml index 39bd5cb9..975c319a 100644 --- a/.github/workflows/on_PR_linux_special_builds.yml +++ b/.github/workflows/on_PR_linux_special_builds.yml @@ -260,6 +260,6 @@ jobs: with: name: static_analysis path: build/pvsReportHtml - retention-days: 30 + retention-days: 7 From 87f0708bc729dbec3f4e838e87552c72bf1074cc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luis=20D=C3=ADaz=20M=C3=A1s?= Date: Fri, 28 Jan 2022 07:33:22 +0100 Subject: [PATCH 8/9] Be more explicit in codecov.yml --- codecov.yml | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/codecov.yml b/codecov.yml index 1a6f3dc3..63c065e7 100644 --- a/codecov.yml +++ b/codecov.yml @@ -1,4 +1,8 @@ -ignore: - - "xmpsdk" # Not interested about the coverage of XMKSDK - - "unitTests" - - "samples" +codecov: + branch: main + precision: 2 + range: "60..100" + ignore: + - "xmpsdk" # Not interested about the coverage of XMKSDK + - "unitTests" + - "samples" From 4746bb46af0c88790b8eb0bffd804eb61597e14a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luis=20D=C3=ADaz=20M=C3=A1s?= Date: Sat, 5 Feb 2022 11:25:51 +0100 Subject: [PATCH 9/9] cmake: export compile commands --- cmake/mainSetup.cmake | 2 ++ doc/readme-pvs-studio.md | 8 +++++++- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/cmake/mainSetup.cmake b/cmake/mainSetup.cmake index 9580d533..1ea9debe 100644 --- a/cmake/mainSetup.cmake +++ b/cmake/mainSetup.cmake @@ -8,6 +8,8 @@ include(CMakeDependentOption) include(cmake/JoinPaths.cmake) include(CTest) +set(CMAKE_EXPORT_COMPILE_COMMANDS ON) + set(CMAKE_ARCHIVE_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}/lib) set(CMAKE_LIBRARY_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}/lib) diff --git a/doc/readme-pvs-studio.md b/doc/readme-pvs-studio.md index 456b6ed6..e54afd84 100644 --- a/doc/readme-pvs-studio.md +++ b/doc/readme-pvs-studio.md @@ -12,9 +12,10 @@ cd buildXXX cmake -DCMAKE_EXPORT_COMPILE_COMMANDS=ON ... # Once the CMake configuration is done, we should obtain a output file 'compile_commands.json' +# NOTE: This option is enabled by default inside our CMake configuration (see cmake/mainSetup.cmake) ``` -The analysis starts with the following commands: +The analysis starts by running the following commands: ```bash export PVS_LICENSE=~/.config/PVS-Studio/PVS-Studio.lic @@ -23,3 +24,8 @@ plog-converter -a GA:1,2 -t tasklist pvsStudio.log -o pvsStudio.tasks plog-converter -a GA:1,2 -t fullhtml pvsStudio.log -o pvsReportHtml plog-converter -a GA:1,2 -d V1042 -t fullhtml pvsStudio.log -o pvsReportHtml ``` + +## CI + +The PVS username & key are configured as secrets in the security settings of the project. Then we make use of such +secrets in the Github workflow named `special_pvsStudio`.