The recommended flow for CI integration is to determine the modified files, and run the analysis in reactive mode starting from those files. If you would like to run more than one analyzer, it is more efficient to separate the capture phase, so that the result can be used by all the analyzers.
Here's how to run infer on two versions of a project and compare the results in general.
Assume the project uses git,
feature is the feature branch (the code change
you want to analyze),
master is the master branch, and
make builds the
# go to feature branch if not there alreadygit checkout feature# get list of changed filesgit diff --name-only origin/feature..origin/master > index.txt## first run: feature branch# run infer on the feature branchinfer capture -- make -j 4 # assuming a machine with 4 coresinfer analyze --changed-files-index index.txt# store the infer reportcp infer-out/report.json report-feature.json## second run: master branchgit checkout master# run capture in reactive mode so that previously-captured source files are kept if they are up-to-dateinfer capture --reactive -- make -j 4infer analyze --reactive --changed-files-index index.txt# compare reportsinfer reportdiff --report-current report-feature.json --report-previous infer-out/report.json
At the end of this process, "infer-out/differential/" contains three files, which follow the same format as normal infer JSON reports:
- introduced.json contains the issues found in the feature branch but not in master;
- fixed.json contains the issues found in master but not in the feature branch;
- preexisting.json contains the issues found in both branches.
Example: Android Gradle
The following CI script runs the
eradicate analyzers. Assume again
feature is the feature branch, and
master is the master branch.
git diff --name-only origin/feature..origin/master > index.txtinfer capture -- ./gradlew --offline assembleDebuginfer analyze --fail-on-issue --eradicate --changed-files-index ./index.txt
- We use git to find the changed files
git diff --name-only
- We run capture only once, and the output is kept for the subsequent analyses
- We run the eradicate analysis alongside the default analyses:
- We analyze only the changed files