[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[spitball] integrating analyzers into build systems
From: |
raingloom |
Subject: |
[spitball] integrating analyzers into build systems |
Date: |
Sun, 16 May 2021 21:22:42 +0200 |
Would it make sense to run analyzers like Infer or MyPy at build time?
Maybe have something like --with-debug, so if there is an analyzer-log
output, only then is Infer ran?
In theory these tools are more useful for developers, but it's still
potentially useful to independently analyze our software for memory
safety and other errors, but also the build might run in or target an
environment the upstream developer didn't anticipate, for example when
cross compiling, or it could just straight up be patched and not
identical to whatever upstream verified as working.
Could also just be used to scan our software for vulnerabilities.
Anyways, just throwing this out there. I don't think it would have
immediate benefits, but it could be nice in the long term.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [spitball] integrating analyzers into build systems,
raingloom <=