Releases: Ericsson/codechecker
v6.8.0
New features
Command line features
- #1635 Comparison of report directories from the command line (without database)
Example:CodeChecker cmd diff -b /path/to/report_dir_base -n /path/to/report_dir_new --new
Analysis Related features
-
#1654 Fine grain control of warnings
It will be possible to enable/disable clang warnings one-by-one. Example: CodeChecker analyze
/path/to/build.log -o /path/to/output/dir --enable Wunused --disable Wno-unused-parameter
Allow to set Clang Static Analyzer and Tidy checker options from CodeChecker command line See ticket (2018-Q3) -
#1703 Analyzer Configuration It is supported to set all clang-tidy and clang static analyzer parameters such as -analyzer-inline-max-stack-depth, - analyzer-max-loop through configuration files. For details see pull request.
-
#1728 Configuration of Statistical Checkers
It will be possible to configure the significanceRatio and the minimumSampleCount for the statistical checkers:
alpha.ericsson.statisticsbased.SpecialReturnValue, alpha.ericsson.statisticsbased.UncheckedReturnValue. See issue. -
#1720 Default C/C++ standard auto-detection
Detect automatically which C/C++ standard was used for compilation by gcc and pass the relevant option to Clang (e.g. -std=c++11) . See issue.
Web UI features
-
#1675 Filter reports by report hash
It will be possible to filter findings on the WEB GUI and command line based on bug hash. For details see pull request. -
#1686 Filters for the checker statics page in WEB UI
Extended filters will be added to the statistics page. For details see pull request.
Possibility to delete reports based on filters in the WEB UI -
#1624 Management (edit/add/delete) source code component definitions in the WEB UI
-
#1721 Upload Analyzer Statistics to the central server
For each analysis run, the following statistics is collected and uploaded to the central server and shown for all runs (and also in the run history): files that were successfully analyzed or analyze with failiure, CodeChecker version used for analysis, clang version used for analysis.
Bug Fixes
#1737 handle missing documentation file
#1736 Increase API version
#1735 fine tune error logs
#1734 Renaming statistical test file to cpp
#1733 Fixing exception when shutting down server process
#1732 Making the test server start synchronous
#1731 Fixing the make file
#1728 New configuration options for statistical counting
#1727 Hide Remove filtered reports button
#1726 Fix some JS and python alerts
#1723 calculate bug path length at store (schema change)
#1722 Zombie processes remain on analysis interruption
#1719 Query reports only when shown.
#1717 improve error handling for packaging
#1716 update dojotoolkit link for download
#1715 change component filtering behavior
#1714 Introducing clang-tidy config options file on the command line interface.
#1713 Print statistics at the end of parse command
#1712 Describe new features of v6.8
#1711 Removing run reports in chunks Kind: Bugfix Target: Server
#1710 Add new checker profile: portability
#1708 Fix JavaScript old browser compatibility
#1707 Fix long line in failure_lib.py
#1706 Update web userguide
#1705 Fixed Spelling.
#1703 add checker and analyzer configuration documentation
#1702 Fix checker name filter Kind: Bugfix Target: WebGUI
#1701 Pass severity map dictionary instead of the file
#1699 Encode html entities in PlistToHtml parser
#1695 Handle invalid json files Kind: Bugfix
#1694 increase scan-build version for osx install
#1690 Fix confirmed bug icon at Checker statistics page
#1689 restructure python requirements files
#1685 Fasten tests Kind: Bugfix
#1682 Extend filter text input field hint with example
#1681 Set default severity level for compiler warnings
#1680 Enable -Wall and -Wextra warnings by default
#1679 Multiline messages are displayed properly
#1678 Set default filter values at Checker statistics
#1677 Fix CTU test
#1676 Fix utf8 error at diff when generating html output
#1675 Filter reports by report hash at the command line
#1672 Ignore target dependent -mabi compiler option.
#1670 Call getSeverityCounts correctly
#1669 Fix compiler warning test cases
#1668 sysroot parameter can be given multiple ways
#1667 Update group field of the users tokens on login
#1664 Filter results by report hash on the GUI Kind: Enhancement Target: WebGUI
#1663 Plist to html browser support
add .envrc to gitignore Kind: Usability
#1662 add .envrc to gitignore Kind: Usability
#1660 Allow more product endpoint names to be valid Kind: Enhancement Target: Server
#1658 Fix tidy output converter
#1657 rename compile log file name in the bitbake example
#1655 Set file path after items are added to bug tree
#1650 Use valid license name
#1648 Summarize results for source files at parse cmd
#1645 Add statistics checkers' flags to CodeChecker check sub-command
#1644 Minor fix in documentation
#1641 Fix non existing report in the GUI
#1640 Distinguish BuildAction objects on original build command
v6.7.1
Bug Fixes
- Open file with universal line endings #1631, #1625
- Fix tidy fixit parsing #1620
- Fix get report data while generating HTML reports #1610
- Fix AttributeError: 'Namespace' object has no attribute 'skip_file' #1607
- Filter values are removed when switching tabs #1603
- Filter run history based on the selected run filter #1602
- Fix source component filter and add more tests #1600
- Fix removing source component #1597
- Fix source component filter query in pgsql #1595
- Fix getProducts API function to do exact match #1594
- Fix userguide #1590
- Locale compare and Diff view shows different results #1432
- Review status hover on last element on table flows outside viewport #1385
- Fix run history tab value in the URL on show event #1634
Improvements
- Handle yet another unknown GCC flag (-mfloat-gprs=double) #1618
- Increase performance of the UI #1613
- Handle gcc-toolchain flag #1605
- Support source component filter in the command line #1596
- Update web userguide #1593
- Show detection status dates in tool tip #1592
- Create a new tab on the UI for change logs #1591
- Prevent review status tool tip from closing if unhovered by click #1507
- Redirect user to the desired page once the login process is completed #1504
- Show the number of products in the tab #1394
- Clicking on username in GUI header should show product permissions if product is open #1390
Changes
- Taking out checks from the sensitive profile #1629
- cppcoreguidelines-no-malloc
- cppcoreguidelines-owning-memory
- cppcoreguidelines-pro-type-reinterpret-cast
- google-build-using-namespace
- Severity level of google-build-using-namespace was changed to style #1629
- Severity level of misc-redundant-expression was changed to medium #1627
- Remove the build output from the build action hash. #1601
- Fine tune log levels and db status logging #1633
Other
v6.7.0
Report counting
Report counting was reviewed to give a consistent view in the
command line and at the web UI. The default views (without uniqueing)
shows the reports as they were found by the analyzers.
Support Clang v6
- Some of the Clang6 checker severity levels were not classified #1568 #1557
- Upgrade the checker profiles for Clang6 #1538
CTU on-the-fly
CTU can still work by dumping the AST to the disk. The on-the-fly option
managed the ASTs in memory.
- Removing on-the-fly CTU functionality as it is not supported by Clang6 #1552
Checker renaming in Clang-tidy v6
- Support for Clang-tidy 6 renamed checkers #1548
misc-assert-side-effect -> bugprone-assert-side-effect
misc-argument-comment -> bugprone-argument-comment
misc-bool-pointer-implicit-conversion -> bugprone-bool-pointer-implicit-conversion
misc-dangling-handle -> bugprone-dangling-handle
misc-fold-init-type -> bugprone-fold-init-type
misc-forward-declaration-namespace -> bugprone-forward-declaration-namespace
misc-inaccurate-erase -> bugprone-inaccurate-erase
misc-move-forwarding-reference -> bugprone-move-forwarding-reference
misc-multiple-statement-macro -> bugprone-multiple-statement-macro
misc-string-constructor -> bugprone-string-constructor
misc-use-after-move -> bugprone-use-after-move
misc-implicit-cast-in-loop -> performance-implicit-conversion-in-loop
misc-inefficient-algorithm -> performance-inefficient-algorithm
misc-move-const-arg -> performance-move-const-arg
misc-move-constructor-init -> performance-move-constructor-init
misc-noexcept-move-constructor -> performance-noexcept-move-constructor
readability-implicit-bool-cast -> readability-implicit-bool-conversion
New features/improvements
- Component filters #846
- It should be possible to diff two different tagged versions of the same run #1346
- Generate index.html file by using PlistToHTML #1558
- Review status C style comment format #1551
- Skip duplicate reports when generating HTML output #1556
- Enable passwordless token based authentication #1462
- Getting the run results by providing the version tag #1496
- Create separate filter options for cmd line #1497
- Give better message when source files are missing #1537
- Allow more product endpoint names to be valid #1530
- LDAP hardening and tests #1305
- List out version tag in command line #1485
- List out latest version tag at runs command #1486
- Show full file path in
CodeChecker parse
ouptut #1559 - Handle more gcc/g++ arguments #1550
- Command line header deduplication #1512
- Improved relative path handling in the compile json #1553
- Extend build command escaping in the logger #1506
- Add
-analyzer-config notes-as-events=true
to the clang flags which will convert notes to events #1518 - Skip compiler dependency generation actions from analysis #1488
- bugprone-misplaced-operator-in-strlen-in-alloc checker added to severity map #1560
- Adding static HTML output generation to the HOWTO. #1588
UI
- Checks if no username supplied at login #1571
- Show admins for each product #1474
- Show bug path length for a report in bug report selection (left-hand, dropdown) #1505
- Add check command to run history #1454
- Extend html report information with checker name and severity #1546
- Create tooltips for report table columns #1582
- Detection status viewing and filtering together with uniqueing #1337
- Show tooltip by hovering on unique checkbox label #1576
- New column id in index.html at plistToHtml parser #1579
- Unified report filter #1444 #1510
- Highlight occurences of the selected text #1516
- Clickable 'Entered call from' #508
- Bug tooltip "Review status" should say what the icon means #1549
- New detection date filter values #1437
- New report count and uniqueing style on the UI #1586
Changes
- Using NullPool for database connections #1584
- Disable detection status if uniqueing is enabled #1513
- Fix documentation #1583
- Refactor list of products page #1489
- Change analysis statistics total message #1499
Bug fixes
- Skip reports at store #1566 #1575
- Click on run history jumps to wrong tab #1392
- Use file path from main section at plist-to-html #1573
- Initialize run filters with the correct values #1577 #1580
- Set default filter values on run history click #1574
- Fix filtering based on detection dates #1569 #1567
- Fix UI filter tooltip toggling items #1561
- Command line diff does not do deduplication #1465
- Allow html output only for diff and results at cmd #1515
- Inline //codechecker_suppress comment is ineffective in static html output #1423
- Apply ignore first, and ignore -flto flag. #1524
- Fix non existing filter member #1540
- Diff mode run history #1481
- Change server startup timing for the tests #1535
- "unsupported operand type(s)" when using a skipfile #1529
- Ranges associated with issues are not highlighted #1514
- Fix UI file path filter for run results #1521
- In-line suppression is not considered by the parse command #1484
- Do not highlight last bug path message if not absolutely last #1395
- Do not use globals at bug filter view #1494
- Fix review status comment typo handling #1547
Other
v6.6.0
New features/Improvements
- Support for Statistical Checkers (Experimental feature) #805
- Multiple source code suppression comment format #1429
- Handle more compiler flags unknown to clang #1431
- Load run history asynchronously on the WebGUI #1472
- Improve performance of bug path draw #1435
- Extend product listing page with new fields #1364
- Trim leading path from stored file paths #1411
- Introduce a per product configurable run limit #1410
- Improve user session handling at the server #1458
- Improve api mismatch errors #1456
- Product admins are able to nominate other users as product admins #1373
- Rename file filter on the WebGUI #1438
- Refactoring report filter UI #1401
- Move thrift client call wrapper to a separate module #1448
- User permission save error log improvement #1397
- Adding report counting description the howto #1476
- Exclude build actions which would compile a header file #1480
- Fine tune statistics collectors ratio interval #1479
- Skip linking action from compilation_database #1436
Changes
- Remove BufferOverlap checker from the sensitive profile #1477
Bug fixes
- CodeChecker check -o -c (clean switch) was ineffective #1421
- Filter cmd line checker statistics #1416
- Use consistent run name filter at cmd line #1417
- Fix server product list mismatch in multi server #1471
- Check command popup stick to right on the WebGUI #1393
- If the run filter is cleaned it did not list the reports from all of the runs #1409
- Checker name filter is not selected by clicking on a checker name in the statistics view #1347
- In diff mode bug viewer cannot be opened #1466
- Reset diff type filter items on change #1473
- Build action map is created twice for pre analysis phase #1420
- Fix thrift call wrapper host, port #1467
- Fix errors found by pylint #1447
- Fix diff type filter label #1439
- Fix dependency gen problem in xerces #1419
- Handle thrift error with fail callback on the WebGUI #1407
- Server startup can be slow due to long dangling file garbage collection #1261
- Support old suppress comment format files #1478
v6.5.1
Changes
- Apply bug event and point to report id index #1377
- Improve run deletion (session/synchronize) #1374
- Set sqlalchemy pool size #1391
- Sanity check for result storage and file content change #1320
- At least one report directory should be mandatory for parse command #1343
- Improve storage (severity handling) #1375
- Order reports in the file view left hand pane by line #1358
- Review status reason dialog should accept ENTER as submit if nothing is entered into textarea #1354
- Update to Codemirror v5.25.0 #1355
- Update to Jsplumb v2.2.0 #1380
- Remove Google fonts #1381
- Print the log level name by default #1370
Bug fixes
- Clicking on a report in unique mode in bug overview not the selected report is shown #1365
- Fix browser compatibility #1356
- Suppress file import fails #1388
- Pressing ESC in the review status reason window bolds the wrong status #1357
- Regex printed weird into file filter selector but works right #1352
- fix import in profiler and change output format #1376
v6.5
New features/Improvements
Web UI
- Add regex based file filter in "all reports" tab and enable "select all files matching regex" #1162
- Enable multiple selections of run name regex filters in all reports #1165
- Remove review comment column from the bug list #1302
Command line
- Extend command line filters with detection and review status #1312
- Validate filter values in the command line #1345
- Add total section for command line summary #1328
- Support regex expressions for the run names in the command line #1322
Analyzers
- Reanalyze without ctu on ctu failure (new command line argument --ctu-reanalyze-on-failure) #1297
- Handle more Clang 5.0 unknown argument errors #1294
- Use arch of the analyzer machine instead of the original one. #1308
- Add a watcher to kill stuck jobs if analysis takes too much time (new argument --timeout) #1168
Server
- Share user sessions through the database #1172
- Prevent concurrent storage of the same run name from multiple shared servers #1138
- Introduce storage limitations (run count) #1187
- Do not limit run count for the server by default #1315
Documentation
- User guide for using CodeChecker with BitBake #1329
- Improvements to false positive guide. #1292
- Fix the daily analysis integration template script always saying there are new bugs #1299
Changes
- Improved logging #1048
- Refactor plist to plaintext formatting (parse) #1334
- Explicitly show version information in the build script output #1300
- Add better diagnostics for ctu tests in case of failure #1298
- Remove critical log from massStoreRun #1339
- Remove soft session lifetime completely #1344
Bugfixes
- Fix clicking on a uniqued bug #1330
- Fix product editing #1310
- Fix python-ldap not throwing exception on anonymous binds when it should #1296
- Fix log format #1341
- Remove the default log level #1338
- Handle non existing session config file #1318
- Fix logger initialization #1316
- Fix typo of argument name resulting in name error #1317
- Fix setup logger for command line #1314
- Fix ctu_failure test not removing its test folder #1303
- Disable plist update on plist parsing unit tests #1293
- Remove run history by removing a run #1332
- In diff view the bug path tree is not shown when viewing a report #1275
- The current working directory may not exist. (debug tools) #1309
v6.4
New features
- Show bug path length column in Bug overview GUI #1209
Fixes
WebServer/GUI
- Bug steps disappears when switching arrows on/off #1243
- Highlight the actual bug step #1244
- Fix shown reports in run history view #1264
- Remove outdated bug paths from run results if the bug remains in run #1155
- Fix run history tag count query #1283
Analysis
-idirafter
gcc argument is not forwarded to clang analyzer #1267- Fix analysis performance degradation on 2.6.32 and older kernels. Use manager to share data between processes #1276
- -Werror flag is removed from clang sa/clang tidy invocation #1279
alpha.cpluscplus.IteratorRange
was remove from all checker profiles as the checker is unstable #1255
Command line client
cmd diff -o html
does not work if -n is a report directory #1277- Use the proper environment for db operations otherwise db upgrade may fail #1251
- Fix get diff hashes for new bugs #1259
- Fix of diff command failure in case of sqlite database and large queries #1281
Improvements
- Add session related comments to massStoreRun #1263
v6.3
New
- Include paths from environment variables in analysis phase #1184
--include
flags shouldn't be skipped during analysis #1237- In anonymous mode allow superuser permission #1137
- Understand HTTPS product and server URLs without a port specified as 443 #1146
- Showing severity report count at the statistics page #1104
- Enable copy-paste for links #1164
- How to handle false positives HOWTO #1185
- Feature comparison of cmd and webgui #1197
- Performance/stress tests #808
- Command line diff performance improvements #956
- Show unique bug count in the run list page (instead of non unique) #1202
- Include paths from environment variables in analysis phase #1184
- Schema migration support of product databases #351
- Mount the same configuration database to multiple servers #876
Changes
- New report storage method: store every single bug report even if hash clashes, remove outdated resolved paths at run update #1213
- Put full date in log messages not only the time #1214
- Improve comments for the LDAP authentication #1217
- Rename some column labels #1200
- Use absolute path in logger #1097
- Upgrade SQLAchemy to 1.1.11 #1107
- Improve performance of report filters #1038
- Do not reparse unchanged files to get suppression to improve performance #1231
- Don't log as error if multiple source and triple is present in the log file #1230
- Update plist file with report hash #1239
- File cleanup refactoring #1131
Bug fix
- Fix run storage error (AddFileRecord return value) #1215
- Update line and column fields of report #1106
- Mismatch between filter result count and number of listed reports #1093
- Wrong handling of builtin includes during CTU collect phase #1143
- --enable-all with other options doesn't run most of the clang-tidy checkers #1148
- Server should not start in case of incorrectly formatted json file #1149
- Exception is thrown if product name is not specified #1174
- Exception is thrown while parsing compilation json #1180
- After a run is deleted the counter is not updated #1152
- Bug tree shows issues from all runs even if one run selected #1117
- Remove gcc intrinsic and include-fixed include directories from analysis #1183
- Ordering by File when Unique reports are enabled doesn't give an alphabetical order #1198
- Handle more plist parsing errors #1225
- Remove linecache usage #1227
- Review status false positive is not set #1223
- Failure zip does not contain all dependent headers (CTU) #1159
- Make sure that file is closed if plist parsing fails #1216
- Don't attempt to add the same file multiple times to the ZIP #1234
- Generate report hash fix #1235
- Fix server general exception #1242
- Do not store same bug from plist files #1247
v6.2.1
Bug fixes
- Web GUI filters for Checker name now shows the full list of checkers, not just the first 10. (#1156)
--enable-all
given tocheck
was not passed through toanalyze
. (#1163)- Fixed a bug at compiler target detection (#1180)
- Fixed a connection handling issue to LDAP authentication backends. (#1139)
- Fix CodeChecker making Clang-SA/Tidy use system GCC headers instead of the Clang's ones. (#1144, #1173)
Enhancements
- URLs in the command-line specifying
http://
orhttps://
should use port80
and443
respectively, if an explicit port is not given. (#1146, #1150, #1175) - CodeChecker server will now refuse to start if the
session_config.json
file is malformed. (#1151) - Comparing a local result folder to a run stored on the server has received a massive performance improvement. (#1169)
Miscellaneous
v6.2
New features
- Local Compare mode (
CodeChecker cmd diff
) can generate HTML files with bug path #748 - Show number of runs on the list of runs view #1079
- Show the granted permissions for the currently logged in user on the GUI #875
Enhancements
- Introduce better (debug) logging for CTU analysis #886, #1069, #1100, #1050
- Group reports only by bug hash when uniqueing #1121
- Make sure query strings and filters cannot be used for SQL attacks #902
- Report storage session improvements for large amount of reports #1072
- Add icons for tabs #1086
- Development environment improvements #1105
- Logging improvements #1119
Bug fixes
clang-tidy
hash was incorrectly generated in some cases which caused some false new reports shown in diff view #1114- Fix Analysis failure if multiple cross-compiler was used (compilation target is registered per build action) #1099
- Relative paths in compilation database were not properly handled at analysis which caused some analysis failures #1116
- Performance improvement of unresponsive server (when the results contained thousands of files) #1053
- Show the supported browser version #1084
- Bad function parameter call at statistics #1103
- Product page error in Firefox #1101
- Fix a typo in the doc for psql commands #1108
- Bug report was not opened correctly when opened from the
All Reports
view #1118
Changes
-
Remove
cppcoreguidelines-pro-type-vararg
from the sensitive profile #1080Two checkers are conflicting and causing the analyzer to hang, until the checkers are fixed
we removed the checker from the sensitive profile so it will not be enabled implicitly.