[spitball] integrating analyzers into build systems

guix-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[spitball] integrating analyzers into build systems

From:	raingloom
Subject:	[spitball] integrating analyzers into build systems
Date:	Sun, 16 May 2021 21:22:42 +0200

Would it make sense to run analyzers like Infer or MyPy at build time?
Maybe have something like --with-debug, so if there is an analyzer-log
output, only then is Infer ran?

In theory these tools are more useful for developers, but it's still
potentially useful to independently analyze our software for memory
safety and other errors, but also the build might run in or target an
environment the upstream developer didn't anticipate, for example when
cross compiling, or it could just straight up be patched and not
identical to whatever upstream verified as working.

Could also just be used to scan our software for vulnerabilities.

Anyways, just throwing this out there. I don't think it would have
immediate benefits, but it could be nice in the long term.

[Prev in Thread]

Current Thread

[Next in Thread]

[spitball] integrating analyzers into build systems, raingloom <=

Prev by Date: Re: What’s next?
Next by Date: Re: What’s next?
Previous by thread: Re: branch master updated: gnu: Add emacs-wucuo.
Next by thread: Re: Questions regarding Python packaging
Index(es):
- Date
- Thread