Open kripton opened 6 months ago
If there are no objections (looking @peternewman :D), I would install the SonarCloud app into the ola repository using my account and permissions. See: https://github.com/apps/sonarcloud
This also goes along the lines of #1889 and #1890 which have been on the table for a bit. We should really get those reviewed/merged before considering more analysis otherwise the additional analysis may not result in improvements.
My personal C++ stack currently contains:
-Werror
: This seems like a given but often isn't on by default-Werror -Wextra -Wall -Wfloat-equal -Wconversion -Wparentheses -pedantic -Wunused-parameter -Wunused-variable -Wreturn-type -Wunused-function -Wredundant-decls -Wreturn-type -Wunused-value -Wswitch-default -Wuninitialized -Winit-self
As discussed during the PlugFest, OLA might benefit from running some kind of static code analysis. While I'm perfectly open to alternatives, I do like how SonarQube / SonarCloud reports issues and there is GitHub Actions integration, including PR-annotation (as we currently do with codespell). Also, SonarCloud is free for Open Source projects:
(from https://www.sonarsource.com/open-source-editions/, FAQ entry "Are the products always free? ")
Thus, I would propose to enable SonarCloud integration for OLA.