Code Climate CLI

Related tags

Code Analysis docker quality static-code-analysis static-analysis code-quality codeclimate hacktoberfest codeclimate-engine climate-cli
Overview

Code Climate CLI

Code Climate CircleCI

Overview

codeclimate is a command line interface for the Code Climate analysis platform. It allows you to run Code Climate engines on your local machine inside of Docker containers.

Prerequisites

The Code Climate CLI is distributed and run as a Docker image. The engines that perform the actual analyses are also Docker images. To support this, you must have Docker installed and running locally. We also require that the Docker daemon supports connections on the default Unix socket /var/run/docker.sock.

On macOS, we recommend using Docker for Mac.

Installation

macOS

brew tap codeclimate/formulae
brew install codeclimate

To update the brew package, use brew update first:

brew update
brew upgrade codeclimate

Anywhere

curl -L https://github.com/codeclimate/codeclimate/archive/master.tar.gz | tar xvz
cd codeclimate-* && sudo make install

To upgrade to a newer version, just run those steps again.

Manual Docker invocation

The above packages pull the docker image and install a shell script wrapper. In some cases you may want to run the docker image directly.

To pull the docker image:

docker pull codeclimate/codeclimate

To invoke the CLI via Docker:

docker run \
  --interactive --tty --rm \
  --env CODECLIMATE_CODE="$PWD" \
  --volume "$PWD":/code \
  --volume /var/run/docker.sock:/var/run/docker.sock \
  --volume /tmp/cc:/tmp/cc \
  codeclimate/codeclimate help

Project setup

Configuration

No explicit configuration is needed: by default codeclimate analyze will evaluate supported source files in your repository using our maintainability checks. To change default configuration to customize how the maintainability checks are evaluated, or to turn on open source plugins, see our documentation on advanced configuration.

Plugin installation

Plugins, or "engines", are the docker images that run analysis tools. We support many different plugins, and will only install the ones necessary to run analysis. As part of setting up your project, we recommend running codeclimate engines:install from within your repository before running codeclimate analyze, and after adding any new plugins to your configuration file.

Running analysis

Once you've installed plugins and made any necessary changes to your configuration, run codeclimate analyze to run analysis and see a report on any issues in your repository.

Commands

A list of available commands is accessible by running codeclimate or codeclimate help.

$ codeclimate help

Available commands:
    analyze [-f format] [-e engine[:channel]] [--dev] [path]
    console
    engines:install
    engines:list
    help [command]
    prepare [--allow-internal-ips]
    validate-config
    version

The following is a brief explanation of each available command.

  • analyze Analyze all relevant files in the current working directory. All engines that are enabled in your .codeclimate.yml file will run, one after another. The -f (or format) argument allows you to set the output format of the analysis (using json, text, or html). The --dev flag lets you run engines not known to the CLI, for example if you're an engine author developing your own, unreleased image.

    You can optionally provide a specific path to analyze. If not provided, the CLI will analyze your entire repository, except for your configured exclude_paths. When you do provide an explicit path to analyze, your configured exclude_paths are ignored, and normally excluded files will be analyzed.

    You can also pipe in source in combination with a path to analyze code that is not yet written to disk. This is useful when you want to check if your source code style matches the project's. This is also a good way to implement integration with an editor to check style on the fly.

  • console start an interactive session providing access to the classes within the CLI. Useful for engine developers and maintainers.

  • engines:install Compares the list of engines in your .codeclimate.yml file to those that are currently installed, then installs any missing engines and checks for new images available for existing engines.

  • engines:list Lists all available engines in the Code Climate Docker Hub .

  • help Displays a list of commands that can be passed to the Code Climate CLI.

  • validate-config Validates the .codeclimate.yml file in the current working directory.

  • version Displays the current version of the Code Climate CLI.

Environment Variables

  • To run codeclimate in debug mode:

    CODECLIMATE_DEBUG=1 codeclimate analyze

    Prints additional information about the analysis steps, including any stderr produced by engines.

  • To increase the amount of time each engine container may run (default 15 min):

    # 30 minutes
CONTAINER_TIMEOUT_SECONDS=1800 codeclimate analyze

  • You can also configure the default alotted memory with which each engine runs (default is 1,024,000,000 bytes):

    # 2,000,000,000 bytes
ENGINE_MEMORY_LIMIT_BYTES=2000000000 codeclimate analyze

Copyright

See LICENSE

Comments
  • EngineFailure error on fresh install

    EngineFailure error on fresh install

    Hey, I just created a new codeclimate.yml using codeclimate init, validated the config and tried to run codeclimate analyze. I got the following error

    error: (CC::Analyzer::Engine::EngineFailure) engine rubocop failed with status 1 and stderr "/usr/lib/ruby/gems/2.2.0/gems/rubocop-0.31.0/lib/rubocop/target_finder.rb:121:ininitialize': Permission denied @ rb_sysopen - /code/dd (Errno::EACCES)\n\tfrom /usr/lib/ruby/gems/2.2.0/gems/rubocop-0.31.0/lib/rubocop/target_finder.rb:121:in open'\n\tfrom /usr/lib/ruby/gems/2.2.0/gems/rubocop-0.31.0/lib/rubocop/target_finder.rb:121:inruby_executable?'\n\tfrom /usr/lib/ruby/gems/2.2.0/gems/rubocop-0.31.0/lib/rubocop/target_finder.rb:78:in to_inspect?'\n\tfrom /usr/lib/ruby/gems/2.2.0/gems/rubocop-0.31.0/lib/rubocop/target_finder.rb:65:inblock in target_files_in_dir'\n\tfrom /usr/lib/ruby/gems/2.2.0/gems/rubocop-0.31.0/lib/rubocop/target_finder.rb:64:in select'\n\tfrom /usr/lib/ruby/gems/2.2.0/gems/rubocop-0.31.0/lib/rubocop/target_finder.rb:64:intarget_files_in_dir'\n\tfrom /usr/lib/ruby/gems/2.2.0/gems/rubocop-0.31.0/lib/rubocop/target_finder.rb:31:in find'\n\tfrom /usr/lib/ruby/gems/2.2.0/gems/rubocop-0.31.0/lib/rubocop/runner.rb:41:infind_target_files'\n\tfrom /usr/src/app/lib/cc/engine/rubocop.rb:18:in block in run'\n\tfrom /usr/src/app/lib/cc/engine/rubocop.rb:16:inchdir'\n\tfrom /usr/src/app/lib/cc/engine/rubocop.rb:16:in run'\n\tfrom /usr/src/app/bin/codeclimate-rubocop:6:in

    '\n"`

    The contents of my yml are:

    engines:
  rubocop:
    enabled: true
ratings:
  paths:
  - "**.rb"
exclude_paths:
- config/**/*
- db/**/*
- test/**/*
- vendor/**/*

    Any thoughts?

    opened by alexpjohnson 35
  • Engine attempting to access excluded files

    Engine attempting to access excluded files

    I'm on codeclimate 0.2.8 running the following config:

    
---
engines:
  eslint:
    enabled: true
  csslint:
    enabled: false
  fixme:
    enabled: true
  watson:
    enabled: true
ratings:
  paths:
  - "app/**"
exclude_paths:
- bower_components/**/*
- dist/**/*
- node_modules/**/*
- tests/**/*
- tmp/**/*
- vendor/**/*

    I get the following error for codeclimate analyze:

    Starting analysis
Running eslint: Done!
error: (CC::Analyzer::Engine::EngineFailure) engine eslint failed with status 1 and stderr
/usr/src/app/node_modules/glob/sync.js:321
        throw er
              ^
Error: EACCES, permission denied '/code/tmp/asset_rewrite-cache_path-RFcmONBd.tmp'
    at Error (native)
    at Object.fs.readdirSync (fs.js:761:18)
    at GlobSync._readdir (/usr/src/app/node_modules/glob/sync.js:275:41)
    at GlobSync._readdirInGlobStar (/usr/src/app/node_modules/glob/sync.js:254:20)
    at GlobSync._readdir (/usr/src/app/node_modules/glob/sync.js:263:17)
    at GlobSync._processGlobStar (/usr/src/app/node_modules/glob/sync.js:330:22)
    at GlobSync._process (/usr/src/app/node_modules/glob/sync.js:128:10)
    at GlobSync._processGlobStar (/usr/src/app/node_modules/glob/sync.js:363:10)
    at GlobSync._process (/usr/src/app/node_modules/glob/sync.js:128:10)
    at GlobSync._processGlobStar (/usr/src/app/node_modules/glob/sync.js:363:10)

    The project is an Ember 1.12 app w/ over 32,000 lines of code across 200+ files.

    I thought the issue was related to https://github.com/codeclimate/codeclimate-eslint/issues/1, but even disabling eslint surfaces the same error for the fixme engine instead. Seems to be something with the CLI itself, then.

    opened by elwayman02 34
  • Analyze simply hangs

    Analyze simply hangs

    When I run docker run \ --interactive --tty --rm \ --env CODE_PATH="$PWD" \ --volume "$PWD":/code \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume /tmp/cc:/tmp/cc \ codeclimate/codeclimate

    I get the help list with what commands are available

    Running docker run \ --interactive --tty --rm \ --env CODE_PATH="$PWD" \ --volume "$PWD":/code \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume /tmp/cc:/tmp/cc \ codeclimate/codeclimate analyze

    simply hangs with no output whatsoever. :confused:

    docker run \ --interactive --tty --rm \ --env CODE_PATH="$PWD" \ --volume "$PWD":/code \ --volume /var/run/docker.sock:/var/run/docker.sock \ --volume /tmp/cc:/tmp/cc \ codeclimate/codeclimate validate-config

    outputs: No errors or warnings found in .codeclimate.yml file.

    My .codeclimate.yml file:

    exclude_paths:
- "src/vendor/*"
- "app.js"
engines:
  eslint:
    enabled: true

    Any help would be GREATLY appreciated - thanks.

    opened by robtarr 32
  • XDG config and cache

    XDG config and cache

    ⚠️ DO NOT MERGE ⚠️

    It apparently lack some Docker-specific parts.

    Adds global config for persistent UUID and version checks switch.

    Also adds some caching as well to prevent hitting Versions API too often.

    All implemented to XDG Base Directory Specification.

    opened by pointlessone 22
  • Improved Workspace Building

    Improved Workspace Building

    /cc @codeclimate/review

    This is the result of combining #300 & #302 and finishing up the remaining TODO items known from discussion on those 2 PRs.

    The big takeaways:

    • Calculation of the "workspace" (the set of paths an engine will operate on) is considerably more performant, and IMHO also conceptually simpler. Details of this were described in #302.
    • There's less magic, which also means some things the CLI used to do it no longer does:
      • Ignore .gitignore: we believe this was fairly low value, and is not worth the complexity & potential performance penalty some edge cases incurred.
      • Stop doing an enormous amount of permissions/file type checking: if there are unreadable files locally that an engine tries to read, the engine should either handle it reasonably well, or the user should exclude those directories from analysis.
    • New feature: per-engine excludes were made functionally trivial & entirely acceptable re: performance by this work, so they've been added.

    Open question for the team: I have not yet done serious work auditing how existing engines will behave with unreadable files/directories. @pbrisbin seemed to say in #300 that errors being thrown in cases like this was acceptable, since the exclude_paths should be configured to ignore those things. Put another way: noisy failure is preferable to quietly ignoring something. Opinions? Is that acceptable, or should we do some tests & consider engines that don't handle this case cleanly as blocking shipping of this?

    There are a couple CC complexity issues that popped up in the PathTree implementation: suggestions for improvements there are welcome. I've already improved that class from #302, and further improvements are not jumping out at me.

    Caveats:

    • Same as in #300, exclude paths are currently applied on top of explicit include paths (codeclimate analyze FILE), which can lead to unexpected behavior. In particular, due to how PathTree calculates its paths, you could end up analyzing all files if you attempted to explicitly analyze an excluded file. (This is because all_paths checks whether children were populated, and if they weren't it just returns its own root path -- including a file & then excluding it results in an empty set of children). Clearly that behavior is not correct, but before addressing that I think we should decide whether exclude paths should still apply when given explicit paths (i.e. in the case above the result should be no files to analyze), or should exclude paths be ignored when explicit paths have been provided?
    • Explicit includes also have an interesting edge case where if an invalid path is specified, the actual path analyzed will end up being the parent of whichever part of the path wasn't valid. (i.e. if you specify app/models/achtung, and achtung does not exist, the entire contents of app/models will end up being analyzed). This is down to the recursive nature of the algorithm and the fact that the data structure is implemented as mutable (the latter may have been a mistake, but it does simplify some things). Since include paths are always given on the command line, I'm not sure if we should consider this blocking or just worthy of a note for future attention.
    opened by wfleming 21
  • Add eslint-8 channel for eslint plugin

    Add eslint-8 channel for eslint plugin

    This PR add eslint-8 channel for codeclimate-eslint plugin

    plugins: 
  eslint:
    enabled: true
    channel: "eslint-8"

    Related PR: https://github.com/codeclimate/codeclimate-eslint/pull/569

    opened by shian15810 19
  • Add eslint-2 channel for eslint engine

    Add eslint-2 channel for eslint engine

    /cc @codeclimate/review

    I locally built and pushed an image from codeclimate/codeclimate-eslint#79 so it's now available to try. Consider this a quiet release for wider testing, it's entirely opt-in.

    opened by pbrisbin 18
  • I'm trying to install codeclimate cli on Windows 10 to make it work with atom.

    I'm trying to install codeclimate cli on Windows 10 to make it work with atom.

    I'm trying to install codeclimate cli on Windows 10 to make it work with atom. I followed the procedure:

    • Install docker
    • docker pull codeclimate/codeclimate

      I am not an experienced docker, so now what should I do to have a executable path to be given to atom?
      Thanks in advance.

    opened by XaBerr 18
  • Restore Glob Functionality to Workspace Refactor

    Restore Glob Functionality to Workspace Refactor

    I'm excited about the direction of #300, but I was concerned that completely removing glob support was overly extreme, and I'd had some thoughts while I was traveling about how it might be done performantly. This PR is my first draft at implementing those thoughts building on top of @pbrisbin's work.

    The key differences with our old technique are as follows:

    • Directory contents are never walked until they need to be due to explicit inclusions or exclusions. As a result:
      • The algorithm is much simpler than before: instead of a several-step process of collecting several disparate collections of paths, operating on relations between them, and then minimizing the resulting set, all operations are on a single sparse tree which is naturally minimized at all times.
      • Less overall file I/O & memory allocation for very large projects, since we're not walking every directory & building an in-memory list of every file path.
    • Only things that look like globs are treated like globs. Excluding directories by name instead of pattern works just fine.
    • There is no attempt to deal with unreadable files or symlinks or anything like that. (I think we'll still need to handle the case where a file we need to touch for interpreting an exclude can't be read, though).

    I went out of my way to keep the existing specs from #300 mostly unchanged, except for the sole case of no longer warning on glob usage (obviously), and adding a spec for globs working. I tried to minimize changing existing bits as well to make this easier to review & keep it clearer what I was changing. So this is more of a PoC or first draft than a finished proposal of implementation. That said, the basic structure is pretty much what I had in mind.

    As far as performance is concerned, this implementation works quite well on my local pathological case: it's indistinguishable from the current state of #300 as far as experienced performance goes. I'd like to write some actual code-based benchmarks before this ships so we'll have actual tests to tell us if the performance gets bad due to future changes.

    :eyes: @codeclimate/review

    TODOs:

    • [ ] This work means Workspace#dup is no longer safe for multiple-engines, because the dup is using the same instance of PathTree as the original. I'll need to fix that & should also update the relative workspace spec to actually test the dup functionality rather than just multiple #filter calls.
    • [ ] Handle potentially unreadable files when walking.
    • [ ] Do symlinks need any special treatment?
    • [ ] .git should be auto-excluded: that needs to be added.
    • [ ] Write some benchmarks.
    • [ ] make Specs test/use the results of a CC::YAML parse for both this class & Workspace.
    opened by wfleming 18
  • eslint config path not getting passed to codeclimate-eslint

    eslint config path not getting passed to codeclimate-eslint

    I have a code_climate.yml file with a

      eslint:
    enabled: true
    channel: eslint-3
    config:
      config: path/to/.eslintrc.json

    but when I run codeclimate analyze -e eslint:eslint-3

    I get the error

    /usr/src/app/node_modules/eslint/lib/config.js:170
            throw noConfigError;
            ^

Error: No ESLint configuration found.
    at getLocalConfig (/usr/src/app/node_modules/eslint/lib/config.js:162:35)
    at Config.getConfig (/usr/src/app/node_modules/eslint/lib/config.js:259:26)
    at Config.getConfig (/usr/src/app/lib/eslint-patch.js:34:46)
    at CLIEngine.getConfigForFile (/usr/src/app/node_modules/eslint/lib/cli-engine.js:776:29)
    at module.exports (/usr/src/app/lib/validate_config.js:9:22)
    at Object.<anonymous> (/usr/src/app/bin/eslint.js:236:5)
    at Module._compile (module.js:556:32)
    at Object.Module._extensions..js (module.js:565:10)
    at Module.load (module.js:473:32)
    at tryModuleLoad (module.js:432:12)

    as far as I can tell using CODECLIMATE_DEBUG=1 the path/to/.eslintrc.json is never getting sent to codeclimate-eslint

    opened by kjg 16
  • Can't configure a custom path for codeclimate-brakeman engine

    Can't configure a custom path for codeclimate-brakeman engine

    I have a custom directory structure and source files are not in the same directory where .codeclimate.yml is.

    Should be possible to configure a custom path, so codeclimate-brakeman can pass it to brakeman.

    When I run codeclimate-brakeman engine, I get this error:

    Running brakeman: Done!
error: (CC::Analyzer::Engine::EngineFailure) engine brakeman failed with status 1 and stderr
Please supply the path to a Rails application.
    enhancement 
    opened by wpolicarpo 16
  • CppCheck report a huge input error when scan big c++ repo

    CppCheck report a huge input error when scan big c++ repo

    Hi guys,

    When I use cppcheck to scan a big c++ repo, an error of "huge input" was thrown. This is caused by codeclimate-cppcheck. I already made a PR to fix it. So would please update the cppcheck engine image?

    opened by zjkyz8 0
  • Reek configuration custom location

    Reek configuration custom location

    Hi there! Thanks for awesome tool. I have a question. Is it possible to specify custom Reek configuration location like in .codeclimate.yml below?

    checks:
  argument-count:
    enabled: false
  method-complexity:
    enabled: false

plugins:
  rubocop:
    enabled: true
    channel: rubocop-1-39
    config:
      file: .circleci/linter_configs/.rubocop.yml

  reek:
    enabled: true
    config:
      file: .circleci/linter_configs/.reek.yml

    Rubocop applies, but Reek doesn't. Thanks for advice!

    opened by bestwebua 0
  • !feat(rootless): add podman for rootless

    !feat(rootless): add podman for rootless

    Description

    I wanna try to change the codeclimate image to use the podman rootless version. If we could avoid using the docker daemon, we could run the codeclimate image without root privileges.

    Ref

    • https://gitlab.com/gitlab-org/gitlab-foss/-/issues/37980
    • https://gitlab.com/gitlab-org/gitlab/-/issues/9784
    • https://developers.redhat.com/blog/2019/02/21/podman-and-buildah-for-docker-users
    opened by TartanLeGrand 1
  • [Snyk] Security upgrade alpine from 3.16.0 to 3.16.2

    [Snyk] Security upgrade alpine from 3.16.0 to 3.16.2

    Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

    Changes included in this PR

    • Dockerfile

    We recommend upgrading to alpine:3.16.2, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

    Some of the most important vulnerabilities in your base image include:

    | Severity | Priority Score / 1000 | Issue | Exploit Maturity | | :------: | :-------------------- | :---- | :--------------- | | high severity | 400 | Use After Free
    SNYK-ALPINE316-BUSYBOX-2953070 | No Known Exploit | | high severity | 400 | Use After Free
    SNYK-ALPINE316-BUSYBOX-2953070 | No Known Exploit | | medium severity | 300 | Inadequate Encryption Strength
    SNYK-ALPINE316-OPENSSL-2941806 | No Known Exploit | | medium severity | 300 | Inadequate Encryption Strength
    SNYK-ALPINE316-OPENSSL-2941806 | No Known Exploit | | critical severity | 500 | Out-of-bounds Write
    SNYK-ALPINE316-ZLIB-2976176 | No Known Exploit |

    Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

    For more information: 🧐 View latest project report

    🛠 Adjust project settings

    Learn how to fix vulnerabilities with free interactive lessons:

    🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

    opened by snyk-bot 1
  • Cppcheck --inline-suppr flag not present

    Cppcheck --inline-suppr flag not present

    I cannot determine if this is an issue with how codeclimate generates the config.json or an issue with codeclimate-cppcheck so it may be related to this. It looks like the --inline-suppr flag is not being passed properly to cppcheck. Here is the command output. You can see the config getting printed with "inline-suppr"=>true but the actual command is missing the flag: 'cppcheck', '--enable=all', '--language=c', '--std=c11', '--xml', '--xml-version=2', '--file-list=/tmp/tmp5p_qmdbd'

    $ CODECLIMATE_DEBUG=1 codeclimate analyze
Starting analysis
I, [2022-10-06T01:54:34.137381 #1]  INFO -- : starting engine structure
D, [2022-10-06T01:54:34.199127 #1] DEBUG -- : /config.json content: {"enabled"=>true, "channel"=>"stable", "include_paths"=>[{ removed }], "debug"=>"1"}
D, [2022-10-06T01:54:34.202392 #1] DEBUG -- : docker run: ["docker", "run", "--name", "cc-engines-structure-stable-35358a3e-337f-49af-97d0-8f8b99275604", "--cap-drop", "all", "--label", "com.codeclimate.label=39b59b49-5cd4-40c2-9b16-146469120686", "--log-driver", "none", "--memory-swap", "-1", "--net", "none", "--rm", "--volume", "{ removed }", "--volume", "/tmp/cc/7dc1e425-113e-460f-b4d0-0d4e76cc3a26:/config.json:ro", "--user", "9000:9000", "--memory", "1024000000", "codeclimate/codeclimate-structure"]
D, [2022-10-06T01:54:34.408643 #1] DEBUG -- : engine stderr: 12
D, [2022-10-06T01:54:34.408782 #1] DEBUG -- : engine stderr: Parser process id: 12
D, [2022-10-06T01:54:34.408817 #1] DEBUG -- : engine stderr: codeclimate-parser socket not present
D, [2022-10-06T01:54:34.408829 #1] DEBUG -- : engine stderr: waiting 1s...
I, [2022-10-06T01:54:35.731679 #1]  INFO -- : finished engine structure
I, [2022-10-06T01:54:35.731802 #1]  INFO -- : starting engine duplication
D, [2022-10-06T01:54:35.731891 #1] DEBUG -- : /config.json content: {"enabled"=>true, "channel"=>"stable", "include_paths"=>[{ removed }], "debug"=>"1"}
D, [2022-10-06T01:54:35.732108 #1] DEBUG -- : docker run: ["docker", "run", "--name", "cc-engines-duplication-stable-a2b36140-7c35-4be3-aa12-5836e4818945", "--cap-drop", "all", "--label", "com.codeclimate.label=d1002583-07ee-4c5c-924b-5cfd1ca327fc", "--log-driver", "none", "--memory-swap", "-1", "--net", "none", "--rm", "--volume", "{ removed }", "--volume", "/tmp/cc/b22a4ae9-5b13-45b2-93cc-c1b98a78a34d:/config.json:ro", "--user", "9000:9000", "--memory", "1024000000", "codeclimate/codeclimate-duplication"]
D, [2022-10-06T01:54:35.972969 #1] DEBUG -- : engine stderr: 11
D, [2022-10-06T01:54:35.973059 #1] DEBUG -- : engine stderr: Parser process id: 11
D, [2022-10-06T01:54:35.973076 #1] DEBUG -- : engine stderr: codeclimate-parser socket not present
D, [2022-10-06T01:54:35.973088 #1] DEBUG -- : engine stderr: waiting 1s...
D, [2022-10-06T01:54:37.281357 #1] DEBUG -- : engine stderr: D, [2022-10-06T01:54:37.280922 #1] DEBUG -- : Processing 0 csharp files concurrency=2
D, [2022-10-06T01:54:37.281565 #1] DEBUG -- : engine stderr: D, [2022-10-06T01:54:37.281287 #1] DEBUG -- : Processed 0 csharp files
D, [2022-10-06T01:54:37.281596 #1] DEBUG -- : engine stderr: D, [2022-10-06T01:54:37.281382 #1] DEBUG -- : Reported 0 violations...
D, [2022-10-06T01:54:37.281666 #1] DEBUG -- : engine stderr: D, [2022-10-06T01:54:37.281516 #1] DEBUG -- : Processing 0 go files concurrency=2
D, [2022-10-06T01:54:37.281993 #1] DEBUG -- : engine stderr: D, [2022-10-06T01:54:37.281751 #1] DEBUG -- : Processed 0 go files
D, [2022-10-06T01:54:37.282043 #1] DEBUG -- : engine stderr: D, [2022-10-06T01:54:37.281842 #1] DEBUG -- : Reported 0 violations...
D, [2022-10-06T01:54:37.282056 #1] DEBUG -- : engine stderr: D, [2022-10-06T01:54:37.281984 #1] DEBUG -- : Processing 0 java files concurrency=2
D, [2022-10-06T01:54:37.282251 #1] DEBUG -- : engine stderr: D, [2022-10-06T01:54:37.282123 #1] DEBUG -- : Processed 0 java files
D, [2022-10-06T01:54:37.282287 #1] DEBUG -- : engine stderr: D, [2022-10-06T01:54:37.282180 #1] DEBUG -- : Reported 0 violations...
D, [2022-10-06T01:54:37.282415 #1] DEBUG -- : engine stderr: D, [2022-10-06T01:54:37.282357 #1] DEBUG -- : Processing 0 javascript files concurrency=2
D, [2022-10-06T01:54:37.282581 #1] DEBUG -- : engine stderr: D, [2022-10-06T01:54:37.282530 #1] DEBUG -- : Processed 0 javascript files
D, [2022-10-06T01:54:37.282684 #1] DEBUG -- : engine stderr: D, [2022-10-06T01:54:37.282639 #1] DEBUG -- : Reported 0 violations...
D, [2022-10-06T01:54:37.282804 #1] DEBUG -- : engine stderr: D, [2022-10-06T01:54:37.282742 #1] DEBUG -- : Processing 0 kotlin files concurrency=2
D, [2022-10-06T01:54:37.282936 #1] DEBUG -- : engine stderr: D, [2022-10-06T01:54:37.282876 #1] DEBUG -- : Processed 0 kotlin files
D, [2022-10-06T01:54:37.283013 #1] DEBUG -- : engine stderr: D, [2022-10-06T01:54:37.282952 #1] DEBUG -- : Reported 0 violations...
D, [2022-10-06T01:54:37.283131 #1] DEBUG -- : engine stderr: D, [2022-10-06T01:54:37.283081 #1] DEBUG -- : Processing 0 php files concurrency=2
D, [2022-10-06T01:54:37.283251 #1] DEBUG -- : engine stderr: D, [2022-10-06T01:54:37.283204 #1] DEBUG -- : Processed 0 php files
D, [2022-10-06T01:54:37.283280 #1] DEBUG -- : engine stderr: D, [2022-10-06T01:54:37.283250 #1] DEBUG -- : Reported 0 violations...
D, [2022-10-06T01:54:37.283396 #1] DEBUG -- : engine stderr: D, [2022-10-06T01:54:37.283351 #1] DEBUG -- : Processing 0 python files concurrency=2
D, [2022-10-06T01:54:37.283551 #1] DEBUG -- : engine stderr: D, [2022-10-06T01:54:37.283498 #1] DEBUG -- : Processed 0 python files
D, [2022-10-06T01:54:37.283576 #1] DEBUG -- : engine stderr: D, [2022-10-06T01:54:37.283525 #1] DEBUG -- : Reported 0 violations...
D, [2022-10-06T01:54:37.283683 #1] DEBUG -- : engine stderr: D, [2022-10-06T01:54:37.283635 #1] DEBUG -- : Processing 0 ruby files concurrency=2
D, [2022-10-06T01:54:37.283808 #1] DEBUG -- : engine stderr: D, [2022-10-06T01:54:37.283770 #1] DEBUG -- : Processed 0 ruby files
D, [2022-10-06T01:54:37.283855 #1] DEBUG -- : engine stderr: D, [2022-10-06T01:54:37.283794 #1] DEBUG -- : Reported 0 violations...
D, [2022-10-06T01:54:37.284006 #1] DEBUG -- : engine stderr: D, [2022-10-06T01:54:37.283963 #1] DEBUG -- : Processing 0 typescript files concurrency=2
D, [2022-10-06T01:54:37.284159 #1] DEBUG -- : engine stderr: D, [2022-10-06T01:54:37.284118 #1] DEBUG -- : Processed 0 typescript files
D, [2022-10-06T01:54:37.284239 #1] DEBUG -- : engine stderr: D, [2022-10-06T01:54:37.284201 #1] DEBUG -- : Reported 0 violations...
D, [2022-10-06T01:54:37.284446 #1] DEBUG -- : engine stderr: D, [2022-10-06T01:54:37.284395 #1] DEBUG -- : Processing 0 scala files concurrency=2
D, [2022-10-06T01:54:37.284635 #1] DEBUG -- : engine stderr: D, [2022-10-06T01:54:37.284575 #1] DEBUG -- : Processed 0 scala files
D, [2022-10-06T01:54:37.284664 #1] DEBUG -- : engine stderr: D, [2022-10-06T01:54:37.284614 #1] DEBUG -- : Reported 0 violations...
D, [2022-10-06T01:54:37.284776 #1] DEBUG -- : engine stderr: D, [2022-10-06T01:54:37.284728 #1] DEBUG -- : Processing 0 swift files concurrency=2
D, [2022-10-06T01:54:37.284918 #1] DEBUG -- : engine stderr: D, [2022-10-06T01:54:37.284883 #1] DEBUG -- : Processed 0 swift files
D, [2022-10-06T01:54:37.284969 #1] DEBUG -- : engine stderr: D, [2022-10-06T01:54:37.284921 #1] DEBUG -- : Reported 0 violations...
I, [2022-10-06T01:54:37.365385 #1]  INFO -- : finished engine duplication
I, [2022-10-06T01:54:37.365496 #1]  INFO -- : starting engine cppcheck
D, [2022-10-06T01:54:37.365594 #1] DEBUG -- : /config.json content: {"enabled"=>true, "config"=>{"check"=>"all", "language"=>"c", "stds"=>["c11"], "inline-suppr"=>true, "inconclusive"=>false}, "channel"=>"stable", "include_paths"=>[{ removed }], "debug"=>"1"}
D, [2022-10-06T01:54:37.366045 #1] DEBUG -- : docker run: ["docker", "run", "--name", "cc-engines-cppcheck-stable-46767c4d-73c9-492a-8028-64bce81e6465", "--cap-drop", "all", "--label", "com.codeclimate.label=ffdbfc0b-ea8a-4b11-9c48-77e9a10e4ee6", "--log-driver", "none", "--memory-swap", "-1", "--net", "none", "--rm", "--volume", "{ removed }", "--volume", "/tmp/cc/0dbc186c-ef49-40f3-8551-e27cf5ea639a:/config.json:ro", "--user", "9000:9000", "--memory", "1024000000", "codeclimate/codeclimate-cppcheck"]
{ removed }
D, [2022-10-06T01:54:38.204301 #1] DEBUG -- : engine stderr: [cppcheck] config: {'enabled': True, 'config': {'check': 'all', 'language': 'c', 'stds': ['c11'], 'inline-suppr': True, 'inconclusive': False}, 'channel': 'stable', 'include_paths': ['{ removed }'], 'debug': '1'}
D, [2022-10-06T01:54:38.204755 #1] DEBUG -- : engine stderr: [cppcheck] analyzing 8 files
D, [2022-10-06T01:54:38.204776 #1] DEBUG -- : engine stderr: [cppcheck] command: ['cppcheck', '--enable=all', '--language=c', '--std=c11', '--xml', '--xml-version=2', '--file-list=/tmp/tmp5p_qmdbd']
{ removed }
D, [2022-10-06T01:54:38.272561 #1] DEBUG -- : engine stdout: 

I, [2022-10-06T01:54:38.272757 #1]  INFO -- : finished engine cppcheck

    Version Info:

    Linux { removed } #54~20.04.1-Ubuntu SMP Thu Sep 1 16:17:26 UTC 2022 x86_64 x86_64 x86_64 GNU/Linu
Client: Docker Engine - Community
 Version:           20.10.17
 API version:       1.41
 Go version:        go1.17.11
 Git commit:        100c701
 Built:             Mon Jun  6 23:02:57 2022
 OS/Arch:           linux/amd64
 Context:           default
 Experimental:      true

Server: Docker Engine - Community
 Engine:
  Version:          20.10.17
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.17.11
  Git commit:       a89b842
  Built:            Mon Jun  6 23:01:03 2022
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.6.6
  GitCommit:        10c12954828e7c7c9b6e0ea9b0c02b01407d3ae1
 runc:
  Version:          1.1.2
  GitCommit:        v1.1.2-0-ga916309
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0
    opened by jeffstjean 1
Releases(v0.89.0)
Owner
Code Climate
Engineering Intelligence
Code Climate
GitHub https://codeclimate.com/
Library for counting the lines of code in PHP source code

sebastian/lines-of-code Library for counting the lines of code in PHP source code. Installation You can add this library as a local, per-project depen

Sebastian Bergmann 715 Jan 5, 2023
A full-scale PHP sandbox class that utilizes PHP-Parser to prevent sandboxed code from running unsafe code

A full-scale PHP 7.4+ sandbox class that utilizes PHP-Parser to prevent sandboxed code from running unsafe code. It also utilizes FunctionParser to di

Corveda 192 Dec 10, 2022
PHP Static Analysis Tool - discover bugs in your code without running it!

PHPStan - PHP Static Analysis Tool PHPStan focuses on finding errors in your code without actually running it. It catches whole classes of bugs even b

PHPStan 11.6k Dec 30, 2022
A PHP code-quality tool

GrumPHP Sick and tired of defending code quality over and over again? GrumPHP will do it for you! This composer plugin will register some git hooks in

PHPro 3.9k Jan 1, 2023
Copy/Paste Detector (CPD) for PHP code.

PHP Copy/Paste Detector (PHPCPD) phpcpd is a Copy/Paste Detector (CPD) for PHP code. Installation This tool is distributed as a PHP Archive (PHAR): $

Sebastian Bergmann 2.2k Jan 1, 2023
Analyze PHP code with one command

PHPQA Analyze PHP code with one command. Requirements PHP >= 5.4.0 xsl extension for HTML reports Why? Every analyzer has different arguments and opti

edgedesign/phpqa 542 Dec 24, 2022
Static code analysis to find violations in a dependency graph

PhpDependencyAnalysis PhpDependencyAnalysis is an extendable static code analysis for object-oriented PHP-Projects to generate dependency graphs from

Marco Muths 546 Dec 7, 2022
Performs advanced static analysis on PHP code

PHP Analyzer Please report bugs or feature requests via our website support system ? in bottom right or by emailing [email protected]. Contri

Continuous Inspection 443 Sep 23, 2022
A static php code analysis tool using the Graph Theory

Mondrian Ok guyz, you have a master degree in Graph Theory, you follow Law of Demeter and you live on S.O.L.I.D principles ? Let's have some Fun ! (^ω

Florent Genette 391 Nov 30, 2022
Instant Upgrades and Instant Refactoring of any PHP 5.3+ code

Rector - Speedup Your PHP Development Rector helps you with 2 areas - major code changes and in daily work. Do you have a legacy code base? Do you wan

RectorPHP 6.5k Jan 8, 2023
Automagically generate UML diagrams of your Laravel code.

Laravel UML Diagram Generator Automagically generate UML diagrams of your Laravel code. Installation To install LTU via composer, run the command: com

Andy Abi Haidar 93 Jan 1, 2023
Provides functionality that helps writing PHP code that has runtime-specific (PHP / HHVM) execution paths

sebastian/environment This component provides functionality that helps writing PHP code that has runtime-specific (PHP / HHVM) execution paths. Instal

Sebastian Bergmann 6.5k Jan 3, 2023
Search PHP source code for function & method calls, variables, and more from PHP.

Searching PHP source code made easy Search PHP source code for function & method calls, variable assignments, classes and more directly from PHP. Inst

Permafrost Software 22 Nov 24, 2022
Deptrac is a static code analysis tool for PHP that helps you communicate, visualize and enforce architectural decisions in your projects

Deptrac is a static code analysis tool for PHP that helps you communicate, visualize and enforce architectural decisions in your projects. You can freely define your architectural layers over classes and which rules should apply to them.

QOSSMIC GmbH 2.2k Dec 30, 2022
The Stopwatch component provides a way to profile code.

Stopwatch Component The Stopwatch component provides a way to profile code.

Symfony 2.6k Dec 28, 2022
Feel free to create new file, don't hesitate to pull your code, the most important thing is that the file name here must match your nickname so that file does not conflict with other people.

PHP-Projects hacktoberfest Contributing Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to cha

Firmansyah Helmi Kurniawan 43 Nov 28, 2022
phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code

phpcs-security-audit v3 About phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in

Floe design + technologies 655 Jan 3, 2023
A tool to automatically fix PHP Coding Standards issues by Dragon Code.

A tool to automatically fix PHP Coding Standards issues by Dragon Code.

The Dragon Code 24 Aug 27, 2022
PHP code scanner to use with gettext/gettext

PHP code scanner to use with gettext/gettext

Gettext 12 Nov 11, 2022