Why are static analyzer issues not failing my CI build?

I have a project on GitHub with an automated build on Travis CI. The current revision of my code (buildfix branch, commit 3ebc41a8b4738bce926b39cc3869c6dce8bed9bc) is succeeding, even though I have one static analyzer issue. This is the xcodebuild command:

xcodebuild -workspace UnrarKit.xcworkspace -scheme UnrarKit -sdk macosx -configuration Release analyze test

I also have "Treat Warnings as Errors" set to YES for the whole project (for Release builds). I get this output from xcodebuild:

The following commands produced analyzer issues:
  Analyze Classes/URKArchive.mm
(1 command with analyzer issues)

I reproduced this with xcodebuild in my local Terminal with the same result.

Why does xcodebuild still return 0 and allow my build to succeed? Why allow xcodebuild to analyze in the first place if the results can't be used? If it's a bug, I'll file it with Apple, but at the moment I'm open to the possibility I'm doing something wrong.

Dov asked Jan 29 '17 14:01

1 Answer

I think that it's the expected behavior to return 0. After all, the last log line is ** ANALYZE SUCCEEDED **. You can get HTML reports with

xcodebuild -workspace UnrarKit.xcworkspace -scheme UnrarKit -sdk macosx -configuration Release analyze test CLANG_ANALYZER_OUTPUT=html CLANG_ANALYZER_OUTPUT_DIR=analyzer
find analyzer -name "*.html"

I'm also trying to find a way to make it return something other than 0; the only thing I came up with is:

xcodebuild analyze ... && [[ -z `find analyzer -name "*.html"` ]]
Jeremad answered Nov 15 '22 10:11
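The answer's one-liner works but has two rough edges in CI: an unquoted `*.html` glob can be expanded against the current directory, and reports left over from a previous run in the same output directory will fail (or mask) the next run. The script below is an added example, not code from the question or the answer: it wraps the answer's approach in a function that clears the output directory first, runs the `xcodebuild ... analyze` command from the question with the `CLANG_ANALYZER_OUTPUT=html` and `CLANG_ANALYZER_OUTPUT_DIR` settings from the answer, and then fails the step if any report was written. The function names and the `--run` flag are this example's own conventions. The analyzer writes its findings as report files rather than as compiler warnings, which is why "Treat Warnings as Errors" never sees them and the check has to be made on the files instead.

```shell
#!/bin/sh
# Added example (not from the original answer): turn Clang static analyzer
# reports into a failing CI step. Assumes the analyzer was run with
# CLANG_ANALYZER_OUTPUT=html CLANG_ANALYZER_OUTPUT_DIR=<dir>, as in the
# answer above. The xcodebuild invocation is the one from the question; the
# checking functions themselves do not need Xcode and can run anywhere.

set -u

# Count the HTML reports under $1 (0 when the directory does not exist).
# The pattern is quoted so the shell cannot expand *.html against the cwd.
analyzer_report_count() {
    find "$1" -name '*.html' 2>/dev/null | wc -l | tr -d ' '
}

# Return 0 when no report exists under $1, 1 otherwise. The report paths are
# printed to stderr so the CI log shows what the analyzer flagged.
analyzer_reports_clean() {
    dir="$1"
    reports=$(find "$dir" -name '*.html' 2>/dev/null)
    if [ -n "$reports" ]; then
        printf 'Static analyzer reported issues:\n%s\n' "$reports" >&2
        return 1
    fi
    return 0
}

# Run the analyzer into a fresh output directory and fail on any report.
# Returns xcodebuild's own status if the build or tests fail, otherwise the
# result of analyzer_reports_clean.
run_analyze() {
    out="$1"
    # Refuse an empty name: "rm -rf ''" would be a silent no-op and a
    # missing directory would make every run look clean.
    [ -n "$out" ] || return 2
    # Remove stale reports so a previous run can neither fail nor mask this one.
    rm -rf "$out"
    xcodebuild -workspace UnrarKit.xcworkspace -scheme UnrarKit -sdk macosx \
        -configuration Release analyze test \
        CLANG_ANALYZER_OUTPUT=html CLANG_ANALYZER_OUTPUT_DIR="$out" || return $?
    analyzer_reports_clean "$out"
}

# Only the real build needs Xcode; run it on request, e.g. from .travis.yml:
#   sh analyze_check.sh --run analyzer
if [ "${1:-}" = "--run" ]; then
    run_analyze "${2:-analyzer}"
    exit $?
fi
```

Invoked as `sh analyze_check.sh --run analyzer`, the script exits non-zero either because `xcodebuild` itself failed or because at least one analyzer report was produced, which is the signal Travis CI needs to mark the build as failed.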