tools/clang-tidy/config.yaml

   1 ---
   2 target: obj-x86_64-pc-linux-gnu
   3 # It is used by 'mach static-analysis' and 'phabricator static-analysis bot'
   4 # in order to have consistency across the used checkers.
   5 # All the clang checks used by the static-analysis tools.
   6 #
   7 # To add a new checker:
   8 # 1. Add it in this file
   9 # 2. Create a C/C++ test case in tools/clang-tidy/test/ reproducing the
  10 #    warning/error that the checker will detect
  11 # 3. Run './mach static-analysis autotest -d' to create the reference
  12 # 4. Check the json file in tools/clang-tidy/test/
  13 # 5. Commit this file + the .cpp test case + the json result
  14 platforms:
  15   - linux64
  16   - macosx64
  17   - win32
  18   - win64
  19 # Minimum clang-tidy version that is required for all the following checkers
  20 # to work properly.
  21 # This is also used by 'mach clang-format'
  22 package_version: "16.0.2"
  23 clang_checkers:
  24   - name: -*
  25     publish: !!bool no
  26   - name: bugprone-argument-comment
  27     reliability: high
  28   - name: bugprone-assert-side-effect
  29     reliability: high
  30   - name: bugprone-bool-pointer-implicit-conversion
  31     reliability: low
  32   - name: bugprone-forward-declaration-namespace
  33     reliability: high
  34   - name: bugprone-incorrect-roundings
  35     reliability: high
  36   - name: bugprone-integer-division
  37     reliability: high
  38   - name: bugprone-macro-parentheses
  39     reliability: medium
  40   - name: bugprone-macro-repeated-side-effects
  41     reliability: high
  42   - name: bugprone-misplaced-widening-cast
  43     reliability: high
  44   - name: bugprone-move-forwarding-reference
  45     reliability: high
  46   - name: bugprone-multiple-statement-macro
  47     # Incompatible with our code base, see bug 1496379.
  48     publish: !!bool no
  49     reliability: high
  50   - name: bugprone-sizeof-expression
  51     reliability: high
  52   - name: bugprone-string-constructor
  53     reliability: high
  54   - name: bugprone-string-integer-assignment
  55     reliability: high
  56   - name: bugprone-suspicious-memset-usage
  57     reliability: high
  58   - name: bugprone-suspicious-missing-comma
  59     reliability: high
  60   - name: bugprone-suspicious-semicolon
  61     reliability: high
  62   - name: bugprone-suspicious-string-compare
  63     reliability: high
  64   - name: bugprone-swapped-arguments
  65     reliability: high
  66   - name: bugprone-too-small-loop-variable
  67     reliability: high
  68   - name: bugprone-unused-raii
  69     reliability: high
  70   - name: bugprone-use-after-move
  71     reliability: high
  72   - name: clang-analyzer-core.CallAndMessage
  73     reliability: medium
  74   - name: clang-analyzer-core.DivideZero
  75     reliability: high
  76   - name: clang-analyzer-core.NonNullParamChecker
  77     reliability: high
  78   - name: clang-analyzer-core.NullDereference
  79     reliability: medium
  80   - name: clang-analyzer-core.UndefinedBinaryOperatorResult
  81     reliability: medium
  82   - name: clang-analyzer-core.uninitialized.Assign
  83     reliability: medium
  84   - name: clang-analyzer-core.uninitialized.Branch
  85     reliability: medium
  86   - name: clang-analyzer-cplusplus.Move
  87     reliability: high
  88   - name: clang-analyzer-cplusplus.NewDelete
  89     reliability: medium
  90   - name: clang-analyzer-cplusplus.NewDeleteLeaks
  91     reliability: medium
  92   - name: clang-analyzer-deadcode.DeadStores
  93     reliability: high
  94   - name: clang-analyzer-optin.performance.Padding
  95     reliability: high
  96     config:
  97       - key: AllowedPad
  98         value: 2
  99   - name: clang-analyzer-security.FloatLoopCounter
 100     reliability: high
 101   - name: clang-analyzer-security.insecureAPI.bcmp
 102     reliability: high
 103   - name: clang-analyzer-security.insecureAPI.bcopy
 104     reliability: high
 105   - name: clang-analyzer-security.insecureAPI.bzero
 106     reliability: high
 107   - name: clang-analyzer-security.insecureAPI.getpw
 108     reliability: high
 109   # We don't add clang-analyzer-security.insecureAPI.gets here; it's deprecated.
 110   - name: clang-analyzer-security.insecureAPI.mkstemp
 111     reliability: high
 112   - name: clang-analyzer-security.insecureAPI.mktemp
 113     reliability: high
 114   - name: clang-analyzer-security.insecureAPI.rand
 115     reliability: low
 116     # C checker, that is outdated and doesn't check for the new std::rand calls.
 117     publish: !!bool no
 118   - name: clang-analyzer-security.insecureAPI.strcpy
 119     reliability: low
 120     # The functions that should be used differ on POSIX and Windows, and there
 121     # isn't a consensus on how we should approach this.
 122     publish: !!bool no
 123   - name: clang-analyzer-security.insecureAPI.UncheckedReturn
 124     reliability: low
 125   - name: clang-analyzer-security.insecureAPI.vfork
 126     reliability: medium
 127   - name: clang-analyzer-unix.Malloc
 128     reliability: high
 129   - name: clang-analyzer-unix.cstring.BadSizeArg
 130     reliability: high
 131   - name: clang-analyzer-unix.cstring.NullArg
 132     reliability: high
 133   - name: cppcoreguidelines-narrowing-conversions
 134     reliability: high
 135   - name: cppcoreguidelines-pro-type-member-init
 136     reliability: medium
 137   - name: misc-non-copyable-objects
 138     reliability: high
 139   - name: misc-redundant-expression
 140     reliability: medium
 141   - name: misc-unused-alias-decls
 142     reliability: high
 143   - name: misc-unused-using-decls
 144     reliability: high
 145   - name: modernize-avoid-bind
 146     restricted-platforms:
 147       - win32
 148       - win64
 149     reliability: medium
 150   - name: modernize-concat-nested-namespaces
 151     reliability: high
 152   - name: modernize-deprecated-ios-base-aliases
 153     reliability: high
 154   - name: modernize-loop-convert
 155     reliability: high
 156   - name: modernize-raw-string-literal
 157     reliability: high
 158   - name: modernize-redundant-void-arg
 159     reliability: high
 160     # We still have some old C code that is built with a C compiler, so this
 161     # might break the build.
 162     publish: !!bool no
 163   - name: modernize-shrink-to-fit
 164     reliability: high
 165   - name: modernize-use-auto
 166     reliability: high
 167     # Controversial, see bug 1371052.
 168     publish: !!bool no
 169   - name: modernize-use-bool-literals
 170     reliability: high
 171   - name: modernize-use-equals-default
 172     reliability: high
 173   - name: modernize-use-equals-delete
 174     reliability: high
 175   - name: modernize-use-nullptr
 176     reliability: high
 177   - name: modernize-use-override
 178     reliability: low
 179     # Too noisy because of the way how we implement NS_IMETHOD. See Bug 1420366.
 180     publish: !!bool no
 181   - name: modernize-use-using
 182     reliability: high
 183   - name: mozilla-*
 184     reliability: high
 185   - name: performance-faster-string-find
 186     reliability: high
 187   - name: performance-for-range-copy
 188     reliability: high
 189   - name: performance-implicit-conversion-in-loop
 190     reliability: high
 191   - name: performance-inefficient-algorithm
 192     restricted-platforms:
 193       - linux64
 194       - macosx64
 195     reliability: high
 196     # Disable as the test does not support C++17 yet
 197     publish: !!bool no
 198   - name: performance-inefficient-string-concatenation
 199     reliability: high
 200   - name: performance-inefficient-vector-operation
 201     reliability: high
 202   - name: performance-move-const-arg
 203     reliability: high
 204     config:
 205       - key: CheckTriviallyCopyableMove
 206         # As per Bug 1558359 - disable detection of trivially copyable types
 207         # that do not have a move constructor.
 208         value: 0
 209   - name: performance-move-constructor-init
 210     reliability: high
 211   - name: performance-noexcept-move-constructor
 212     reliability: high
 213   - name: performance-type-promotion-in-math-fn
 214     reliability: high
 215   - name: performance-unnecessary-copy-initialization
 216     reliability: high
 217   - name: performance-unnecessary-value-param
 218     reliability: high
 219   - name: readability-braces-around-statements
 220     reliability: high
 221     config:
 222       - key: ShortStatementLines
 223         # Allow `if (foo) return;` without braces
 224         # Still warns on `if (foo)\n return;`
 225         value: 1
 226   - name: readability-const-return-type
 227     reliability: high
 228   # Note: this can be loosened up by using the ShortStatementLines option
 229   - name: readability-container-size-empty
 230     reliability: high
 231   - name: readability-delete-null-pointer
 232     reliability: high
 233   - name: readability-else-after-return
 234     reliability: high
 235     config:
 236       - key: WarnOnConditionVariables
 237         # Disable as we don't mind this kind of behavior
 238         value: 0
 239   - name: readability-implicit-bool-conversion
 240     reliability: low
 241     # On automation the config flags act strange. Please see Bug 1500241.
 242     publish: !!bool no
 243     config:
 244       - key: AllowIntegerConditions
 245         # The check will allow conditional integer conversions.
 246         value: 1
 247       - key: AllowPointerConditions
 248         # The check will allow conditional pointer conversions.
 249         value: 1
 250   - name: readability-inconsistent-declaration-parameter-name
 251     reliability: high
 252   - name: readability-isolate-declaration
 253     # As per bug 1558987 - we don't want to have this enabled
 254     publish: !!bool no
 255     reliability: high
 256   - name: readability-magic-numbers
 257     # Bug 1553495 - we must see first its impact on our code.
 258     publish: !!bool no
 259     reliability: high
 260   - name: readability-misleading-indentation
 261     reliability: high
 262   - name: readability-non-const-parameter
 263     reliability: high
 264   - name: readability-qualified-auto
 265     reliability: high
 266   - name: readability-redundant-control-flow
 267     reliability: high
 268   - name: readability-redundant-preprocessor
 269     reliability: high
 270   - name: readability-redundant-smartptr-get
 271     reliability: high
 272   - name: readability-redundant-string-cstr
 273     reliability: high
 274   - name: readability-redundant-string-init
 275     reliability: high
 276   - name: readability-static-accessed-through-instance
 277     reliability: high
 278   - name: readability-simplify-boolean-expr
 279     reliability: high
 280     config:
 281       - key: SimplifyDeMorgan
 282         # Don't want to enable DeMorgan expressions because of MOZ_ASSERT()
 283         # See Bug 1804160
 284         value: 0
 285   - name: readability-uniqueptr-delete-release
 286     reliability: high
 287   # We don't publish the google checkers since we are interested in only having
 288   # a general idea how our code complies with the rules added by these checkers.
 289   - name: google-build-explicit-make-pair
 290     reliability: low
 291     publish: !!bool no
 292   - name: google-build-namespaces
 293     reliability: low
 294     publish: !!bool no
 295   - name: google-build-using-namespace
 296     reliability: low
 297     publish: !!bool no
 298   - name: google-default-arguments
 299     reliability: low
 300     publish: !!bool no
 301   - name: google-explicit-constructor
 302     reliability: low
 303     publish: !!bool no
 304   - name: google-global-names-in-headers
 305     reliability: low
 306     publish: !!bool no
 307   - name: google-readability-casting
 308     reliability: low
 309     publish: !!bool no
 310   - name: google-readability-function-size
 311     reliability: low
 312     publish: !!bool no
 313   - name: google-readability-namespace-comments
 314     reliability: low
 315     publish: !!bool no
 316   - name: google-readability-todo
 317     reliability: low
 318     publish: !!bool no
 319   - name: google-runtime-int
 320     reliability: low
 321     publish: !!bool no
 322   - name: google-runtime-operator
 323     reliability: low
 324     publish: !!bool no
 325   - name: google-runtime-references
 326     reliability: low
 327     publish: !!bool no