Enable static analysis on pull request
I would like to see a static analysis tool run on pull requests. Static analysis tools help a lot, from finding flaws to enforcing code quality / readability. There are ready-to-use solutions in the marketplace, like https://github.com/marketplace/muse-dev, which incorporates open source tools like Facebook's Infer; https://github.com/marketplace/actions/clang-tidy-review (clang-tidy is another excellent tool by LLVM); or the classic and long-standing tool cppcheck, https://github.com/marketplace/actions/cppcheck-action. More readable, beautified, well-defined code can directly reflect in security by preventing potential flaws or undefined behaviours.
@bvbfan: Thanks for opening an issue, it is currently awaiting triage.
The triage/accepted label can be added by foundation members by writing /triage accepted in a comment.
I am a bot created to help the DeFiCh developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the DeFiCh/oss-governance-bot repository.
Excellent idea. I'd vote for clang-tidy-review as that is built into CLion and works well; the cppcheck plugin for CLion has poor reviews as it does not appear to be kept updated for later versions. To be honest, I'd be happy with any of the suggestions above.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
/triage accepted