search

argtable / argtable3

A single-file, ANSI C, command-line parsing library that parses GNU-style command-line options.
http://www.argtable.org
Other
372 stars 65 forks source link

ci: run clang-tidy and generate Github code scanning report #81

Closed igrr closed 1 year ago

igrr commented 1 year ago

Related to https://github.com/argtable/argtable3/issues/70

This PR adds a Github Actions job which:

Clang-tidy is currently run with a minimal set of checks, which produces around 9 warnings in this repository. If we enable all the bugprone-* checks, that will be several hundred more, so some cleanup is necessary if we want to enable those. The config is located in .clang-tidy file.

The alerts for the existing code will appear at https://github.com/argtable/argtable3/security/code-scanning. That page is visible only to repository collaborators with Write and higher levels of access. (Not sure why Github has such a limit; anyone can fork a repository and then see the alerts reported in their fork!)

If a pull request introduces a new alert, it will be shown in the PR as a note.

Example run of this workflow in my fork: https://github.com/igrr/argtable3/actions/runs/3371072231.

Example screenshots: ## Summary of alerts: Screenshot 2022-11-01 at 17 19 11 ## Details of one alert: Screenshot 2022-11-01 at 17 19 37
tomghuang commented 1 year ago

@igrr : Thanks a lot for this patch. I'll learn how GitHub Actions work and try to fix the issues found by Clang-Tidy.