Closed ni4 closed 2 years ago
@ni4 I've added LGTM, and we need to configure its build:
Relevant link: https://lgtm.com/help/lgtm/customizing-code-extraction
Sample configuration file:
extraction:
cpp:
prepare:
packages:
- libboost-all-dev
- bison
configure:
command:
- ./bootstrap
- ./configure --with-modules="" --without-lua
index:
build_command:
- ./project-builder.sh
Badge:
[![Total alerts](https://img.shields.io/lgtm/alerts/g/rnpgp/rnp.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/rnpgp/rnp/alerts/)
@ronaldtse Ok, I'll (try to) handle this!
@ronaldtse Could you please disable unneeded languages (all except C/C++/Python, I guess), like described here: https://help.semmle.com/lgtm-enterprise/admin/help/disabling-analysis-language.html ? Cannot do that since not a repository administrator.
@ni4 I cannot see any "administration" options as per the help article. No method to enable/disable. By default, all languages are enabled... Let's try to merge #1649 to see if it helps.
@ronaldtse thanks for checking! Let's see how it would go.
Finally working! I had to copy/paste your YAML file into the "Test analysis configuration" box, run it, wait for it to finish, then it works.
https://lgtm.com/projects/g/rnpgp/rnp/logs/languages/lang:cpp
@ni4 would it be possible to disable the other failing languages?
@ronaldtse I see this message at the 'Logs' page:
Other languages
The following languages are not included when determining the overall build status. This is because the project doesn't use these languages, analysis of the languages hasn't been tried, or the build has never succeeded. If the languages are used and failed to build, you can use the "Test analysis configuration" button above to try the build with a custom analysis configuration.
Soo looks like it's okay - only succeeded languages would run, until we add support for more. Will push some cli_tests fixes PR soon to see whether it would report something for C++ as well.
Thanks @ni4 ! They already provide alerts, there is are 3 for C++, 31 for Python, which are just tests 😉 Closing this and posting the rest separately
Description
LGTM.com: Continuous security analysis
A code analysis platform for finding zero-days and preventing critical vulnerabilities