Google Git
Sign in
fuchsia / shac-project / shac / fdbeaaf87bc38b3f9cd7407e6866c970bf8650ff
commitfdbeaaf87bc38b3f9cd7407e6866c970bf8650ff[log] [tgz]
authorOliver Newman <olivernewman@google.com>Thu Jun 29 19:34:44 2023 +0000
committerCQ Bot <fuchsia-internal-scoped@luci-project-accounts.iam.gserviceaccount.com>Thu Jun 29 19:34:44 2023 +0000
tree2a2ac6f6d073986f144ec3b24cbfd514a8219594
parenta2a79ebaaf6e8854b13aee32e8cfdc3e2da46669 [diff]
Add roadmap to README

This will help me keep track of features to implement, and help shac
users understand what features are missing but planned.

Change-Id: Ifd6f14a4d10066d6042dfd415b87024f69bd718d
Reviewed-on: https://fuchsia-review.googlesource.com/c/shac-project/shac/+/879273
Commit-Queue: Auto-Submit <auto-submit@fuchsia-infra.iam.gserviceaccount.com>
Fuchsia-Auto-Submit: Oliver Newman <olivernewman@google.com>
Reviewed-by: Danny Rosen <dannyrosen@google.com>
1 file changed
tree: 2a2ac6f6d073986f144ec3b24cbfd514a8219594
  1. .github/
  2. doc/
  3. images/
  4. internal/
  5. scripts/
  6. .gitignore
  7. AUTHORS
  8. check_doc.star
  9. codecov.yml
  10. CONTRIBUTING.md
  11. go.mod
  12. go.star
  13. go.sum
  14. LICENSE
  15. licenses.star
  16. main.go
  17. OWNERS
  18. PATENTS
  19. README.md
  20. shac.star
  21. shac.textproto
README.md

shac

Shac (Scalable Hermetic Analysis and Checks) is a unified and ergonomic tool and framework for writing and running static analysis checks.

Shac checks are written in Starlark.

usage demonstration

Usage

go install go.fuchsia.dev/shac-project/shac@latest
shac check
shac doc shac.star | less

Documentation

Road map

Planned features/changes, in descending order by priority:

  • [ ] Automatic fix application with handling for conflicting suggestions
  • [ ] Configuring files to exclude from shac analysis in shac.textproto
  • [ ] Include unstaged files in analysis, including respecting unstaged shac.star files
  • [ ] Provide a .shac cache directory that checks can write to
  • [ ] Mount checkout directory read-only
  • [ ] Built-in formatting of Starlark files
  • [ ] Configurable “pass-throughs” - non-default environment variables and mounts that can optionally be passed through to the sandbox
  • [ ] Add glob arguments to ctx.scm.{all,affected}_files() functions for easier filtering
  • [ ] Filesystem sandboxing on MacOS
  • [ ] Windows sandboxing

Contributing

⚠ The source of truth is at https://fuchsia.googlesource.com/shac-project/shac.git and uses Gerrit for code review.

See CONTRIBUTING.md to submit changes.