
Motivation
Facebook has developed this cool Open Source tool to detect bugs in Java and C/C++/Objective-C code and it will be a great addition to huskyCI analysis.
It would be great if
We have all the necessary code to scan these new languages!
What we expect
- A working container of Infer that outputs a JSON after running the analysis in a particular folder. Similar to this, to be uploaded to Docker Hub as huskyci/infer:latest.
- Add into config.yaml commands needed to run inside the securityTest container.
- Adjust context.go to have the new Infer securityTest configs.
- Add new error messages related to Infer in messagecodes.go.
- Add a new file into securitytest package and adjust its logic to now handle Infer output.
- Add new code into client analysis package to print to STDOUT Infer results.
Tips
- Search how a particular securityTest works and apply the same logic (Ctrl + F + "bandit" will do 🙃).