commit | c359648c94352b2e746c340df5a5b2814a4961fb | [log] [tgz] |
---|---|---|
author | Oliver Newman <olivernewman@google.com> | Thu Jul 20 14:58:21 2023 +0000 |
committer | CQ Bot <fuchsia-internal-scoped@luci-project-accounts.iam.gserviceaccount.com> | Thu Jul 20 14:58:21 2023 +0000 |
tree | 63a92e1da7b504bc248b5d1855f9968facaabdac | |
parent | 83402f069e0e917b9a38f027b89f276bbe96f484 [diff] |
[engine] Implement `shac fix` It runs all checks just like `shac check`, but then applies all suggested fixes that have `level="error"` and exactly one suggested replacement. There are a few UX issues that will need fixing in follow-up changes: - It silently skips applying fixes for any findings that overlap with earlier findings that also have fixes applied. We should at the very least emit a warning when this happens, if not rerun the checks to regenerate the suggested fixes and apply them until there are no conflicts. - The command-line output is simplistic and inconsistent in styling with the output of `shac check` - It applies fixes from all checks, even though the vast majority of the time people will probably only care to apply fixes from formatters. Change-Id: I9b924b9c16e26d093fb91b070af62068717bb5cc Reviewed-on: https://fuchsia-review.googlesource.com/c/shac-project/shac/+/879282 Commit-Queue: Oliver Newman <olivernewman@google.com> Fuchsia-Auto-Submit: Oliver Newman <olivernewman@google.com> Reviewed-by: Marc-Antoine Ruel <maruel@google.com>
Shac (Scalable Hermetic Analysis and Checks) is a unified and ergonomic tool and framework for writing and running static analysis checks.
Shac checks are written in Starlark.
go install go.fuchsia.dev/shac-project/shac@latest shac check shac doc shac.star | less
Planned features/changes, in descending order by priority:
shac.textproto
shac.star
files.shac
cache directory that checks can write toctx.scm
glob
arguments to ctx.scm.{all,affected}_files()
functions for easier filtering⚠ The source of truth is at https://fuchsia.googlesource.com/shac-project/shac.git and uses Gerrit for code review.
See CONTRIBUTING.md to submit changes.