Releases: Ericsson/codechecker
v6.28.0
🌟 Highlights
-
Source component table by @bruntib in #4758
Queries by source components were slow. After this patch there is a radical speedup in the report queries where source component filter is involved. -
List enabled checkers in CLI: CodeChecker cmd runs by @xb058t in #4468
You can list the enabled checkers for any runs from the CLI by executing
CodeChecker cmd runs -n <RUN_NAME> -o json
- Addition of Saving and Loading of Filter Presets by @feyruzb in #4755
Frequently used report filters can be saved into named "presets" and later can be reloaded:
The filter presests can also be access in the CLI with the
CodeChecker cmd filter-preset commands.
E.g.
CodeChecker cmd filter-preset list
----------------------------------------------------------------------------
ID | Name | Active Filters
----------------------------------------------------------------------------
1 | High Severity Issues | severity(1), reviewStatus(2), detectionStatus(3)
----------------------------------------------------------------------------
- [feat] Adding Checker coverage statistics to CLI by @bruntib in #4796
The
CodeChecker cmd sum -n tinxyml_sensitive --url http://localhost:8001/Default
command lists the checkers that have findings and any corresponding guideline rules.
-
Extend SEI Cert guideline mapping for cppcheck and gcc analyzers by @gulyasgergely902 in #4804
All supported gcc static analyzer (https://gcc.gnu.org/onlinedocs/gcc/Static-Analyzer-Options.html) and cppcheck (https://cppcheck.sourceforge.io/) checker now have the SEI Cert rule associations. -
Upgrade CodeChecker to use Vue 3 by @gulyasgergely902 in #4801
CodeChecker GUI is now rewritten to the Vue 3 framework.
- Enable passing credentials from env var by @dkrupp in #4838
The authentication credentials can now be passed from environment variable besides.codechecker_password.jsonfile.
export CC_PASSWORD="secret"
CodeChecker cmd login username
- Add PMD analyzer support by @Robert-Marton34 in #4750
It is now possible to store the analysis results of PMD analyzer https://pmd.github.io/.
-
[analyzer] Remove -analyzer-opt-analyze-headers flag by @gamesh411 in #4752
-analyzer-opt-analyze-headersoption was removed from Clang Static Analyzer invocation, which speeds up the analysis by ~2-3 times. When this flag is not present, functions defined in header files will not be analyzed as top level functions by the analyzer. The speedup sacrifices some header only reports. -
Added blame info feature for "cmd results" command #4842
Blame information for reports was only available on the GUI. Now, if we wish to check the git commit info in the CLI, we can do that withCodeChecker cmd results --detailscommand.
We can only check blame info for runs that have a Git repository. The server address and the run name should also be given, e.g.:CodeChecker cmd results --details --url http://localhost:8001/Default test.
What's Changed
- [version] Bump up version 6.28.0 by @bruntib in #4727
- [fix] semver.Version doesn't have strip() by @bruntib in #4728
- [refactor] Do not use pinned versions in requirements.txt by @thorsten-klein in #4714
- Log full OS error message when the connection fails by @barnabasdomozi in #4740
- [fix] Crash on non-existing variable by @bruntib in #4742
- Print analysis length with 2 decimals by @bruntib in #4745
- [fix] Missing OWASP Top10 link from checker labels by @bruntib in #4749
- [fix] Fix fnmatch regex generation assert by @bruntib in #4753
- Fix fnmatch.translate() in skiplist handler by @barnabasdomozi in #4754
- [analyzer] Remove -analyzer-opt-analyze-headers flag by @gamesh411 in #4752
- [fix] "CodeChecker checkers" crash when infer used by @bruntib in #4748
- Add coverage.py integration for unit tests by @hassan-afifi in #4708
- [fix] Can't list server instances at PyPI installation by @bruntib in #4757
- Add PMD analyzer support by @Robert-Marton34 in #4750
- Fix the issue where the ReportTree component remains in a loading state when the result exceeds MAX_QUERY_SIZE by @xJOAN in #4747
- [analyzer] Completely remove -analyzer-opt-analyze-headers by @gamesh411 in #4760
- [add] add severity for sarif by @Rayzedan in #4761
- Add "-fdump-rtl.*" to ignored GCC compiler options by @StMartin81 in #4765
- Upgrade SQLAlchemy to version 2.0 by @bruntib in #4729
- Fix: Handle empty stdin gracefully in fixit command by @blozano-tt in #4766
- [fix] Add -j flag to "CodeChecker store" by @bruntib in #4763
- Upgrade deps by @bruntib in #4751
- Introduce task statistics script by @barnabasdomozi in #4767
- Remove store_time.log by @barnabasdomozi in #4770
- gitignore task json files in scripts/statistics directory by @barnabasdomozi in #4774
- Added flags to set server processes by @barnabasdomozi in #4772
- Remove OAuth groups source requirements by @Discookie in #4775
- docker: add container HEALTHCHECK by @0rlych1kk4 in #4777
- Source component table by @bruntib in #4758
- Skip automated Selenium tests in GitHub CI by @barnabasdomozi in #4778
- Relax permissions requirements for task management by @Discookie in #4776
- List enabled checkers in CLI: CodeChecker cmd runs by @xb058t in #4468
- [doc] No more external clang libs are used. by @bruntib in #4789
- Remove logger.conf by @barnabasdomozi in #4790
- [fix] SQLAlchemy warning on subquery in IN clause by @bruntib in #4791
- Fix cleanup sessions function by @barnabasdomozi in #4793
- Fix SQLAlchemy session closing by @barnabasdomozi in #4794
- Fix unclosed database session in add_product by @barnabasdomozi in #4795
- Report directory and metadata.json format specification by @dkrupp in #4797
- Display seconds in logging by @barnabasdomozi in #4799
- Addition of Saving and Loading of Filter Presets by @feyruzb in #4755
- [NFC] Remove deprecated ::set-output usage by @gamesh411 in #4427
- [fix] Fix invisible chars in error plist by @bruntib in #4809
- [feat] Display guideline levels in the guideline statistics table by @bruntib in #4787
- [feat] Adding Checker coverage statistics to CLI by @bruntib in #4796
- Fix sqlalchemy error when migrating schema by @jimis in #4813
- Fix product status check during startup by @barnabasdomozi in #4815
- Reduce BrokenPipe error messages by @barnabasdomozi in #4814
- Fix CLI parse status filter by @barnabasdomozi in #4784
- Integrate mypy into CI by @barnabasdomozi in #4800
- [doc] Extend task management docs by @bruntib in #4817
- Fix trailing whitespace in report_server.py by...
Contributors
Assets 2
v6.28.0-rc1
🌟 Highlights
-
Source component table by @bruntib in #4758
Queries by source components were slow. After this patch there is a radical speedup in the report queries where source component filter is involved. -
List enabled checkers in CLI: CodeChecker cmd runs by @xb058t in #4468
You can list the enabled checkers for any runs from the CLI by executing
CodeChecker cmd runs -n <RUN_NAME> -o json
- Addition of Saving and Loading of Filter Presets by @feyruzb in #4755
Frequently used report filters can be saved into named "presets" and later can be reloaded:
The filter presests can also be access in the CLI with the
CodeChecker cmd filter-preset commands.
E.g.
CodeChecker cmd filter-preset list
----------------------------------------------------------------------------
ID | Name | Active Filters
----------------------------------------------------------------------------
1 | High Severity Issues | severity(1), reviewStatus(2), detectionStatus(3)
----------------------------------------------------------------------------
- [feat] Adding Checker coverage statistics to CLI by @bruntib in #4796
The
CodeChecker cmd sum -n tinxyml_sensitive --url http://localhost:8001/Default
command lists the checkers that have findings and any corresponding guideline rules.
-
Extend SEI Cert guideline mapping for cppcheck and gcc analyzers by @gulyasgergely902 in #4804
All supported gcc static analyzer (https://gcc.gnu.org/onlinedocs/gcc/Static-Analyzer-Options.html) and cppcheck (https://cppcheck.sourceforge.io/) checker now have the SEI Cert rule associations. -
Upgrade CodeChecker to use Vue 3 by @gulyasgergely902 in #4801
CodeChecker GUI is now rewritten to the Vue 3 framework.
- Enable passing credentials from env var by @dkrupp in #4838
The authentication credentials can now be passed from environment variable besides.codechecker_password.jsonfile.
export CC_PASSWORD="secret"
CodeChecker cmd login username
- Add PMD analyzer support by @Robert-Marton34 in #4750
It is now possible to store the analysis results of PMD analyzer https://pmd.github.io/.
- [analyzer] Remove -analyzer-opt-analyze-headers flag by @gamesh411 in #4752
-analyzer-opt-analyze-headersoption was removed from Clang Static Analyzer invocation, which speeds up the analysis by ~2-3 times. When this flag is not present, functions defined in header files will not be analyzed as top level functions by the analyzer. The speedup sacrifices some header only reports.
What's Changed
- [version] Bump up version 6.28.0 by @bruntib in #4727
- [fix] semver.Version doesn't have strip() by @bruntib in #4728
- [refactor] Do not use pinned versions in requirements.txt by @thorsten-klein in #4714
- Log full OS error message when the connection fails by @barnabasdomozi in #4740
- [fix] Crash on non-existing variable by @bruntib in #4742
- Print analysis length with 2 decimals by @bruntib in #4745
- [fix] Missing OWASP Top10 link from checker labels by @bruntib in #4749
- [fix] Fix fnmatch regex generation assert by @bruntib in #4753
- Fix fnmatch.translate() in skiplist handler by @barnabasdomozi in #4754
- [analyzer] Remove -analyzer-opt-analyze-headers flag by @gamesh411 in #4752
- [fix] "CodeChecker checkers" crash when infer used by @bruntib in #4748
- Add coverage.py integration for unit tests by @hassan-afifi in #4708
- [fix] Can't list server instances at PyPI installation by @bruntib in #4757
- Add PMD analyzer support by @Robert-Marton34 in #4750
- Fix the issue where the ReportTree component remains in a loading state when the result exceeds MAX_QUERY_SIZE by @xJOAN in #4747
- [analyzer] Completely remove -analyzer-opt-analyze-headers by @gamesh411 in #4760
- [add] add severity for sarif by @Rayzedan in #4761
- Add "-fdump-rtl.*" to ignored GCC compiler options by @StMartin81 in #4765
- Upgrade SQLAlchemy to version 2.0 by @bruntib in #4729
- Fix: Handle empty stdin gracefully in fixit command by @blozano-tt in #4766
- [fix] Add -j flag to "CodeChecker store" by @bruntib in #4763
- Upgrade deps by @bruntib in #4751
- Introduce task statistics script by @barnabasdomozi in #4767
- Remove store_time.log by @barnabasdomozi in #4770
- gitignore task json files in scripts/statistics directory by @barnabasdomozi in #4774
- Added flags to set server processes by @barnabasdomozi in #4772
- Remove OAuth groups source requirements by @Discookie in #4775
- docker: add container HEALTHCHECK by @0rlych1kk4 in #4777
- Source component table by @bruntib in #4758
- Skip automated Selenium tests in GitHub CI by @barnabasdomozi in #4778
- Relax permissions requirements for task management by @Discookie in #4776
- List enabled checkers in CLI: CodeChecker cmd runs by @xb058t in #4468
- [doc] No more external clang libs are used. by @bruntib in #4789
- Remove logger.conf by @barnabasdomozi in #4790
- [fix] SQLAlchemy warning on subquery in IN clause by @bruntib in #4791
- Fix cleanup sessions function by @barnabasdomozi in #4793
- Fix SQLAlchemy session closing by @barnabasdomozi in #4794
- Fix unclosed database session in add_product by @barnabasdomozi in #4795
- Report directory and metadata.json format specification by @dkrupp in #4797
- Display seconds in logging by @barnabasdomozi in #4799
- Addition of Saving and Loading of Filter Presets by @feyruzb in #4755
- [NFC] Remove deprecated ::set-output usage by @gamesh411 in #4427
- [fix] Fix invisible chars in error plist by @bruntib in #4809
- [feat] Display guideline levels in the guideline statistics table by @bruntib in #4787
- [feat] Adding Checker coverage statistics to CLI by @bruntib in #4796
- Fix sqlalchemy error when migrating schema by @jimis in #4813
- Fix product status check during startup by @barnabasdomozi in #4815
- Reduce BrokenPipe error messages by @barnabasdomozi in #4814
- Fix CLI parse status filter by @barnabasdomozi in #4784
- Integrate mypy into CI by @barnabasdomozi in #4800
- [doc] Extend task management docs by @bruntib in #4817
- Fix trailing whitespace in report_server.py by @barnabasdomozi in #4825
- [fix] Fix crash when analyzer_command is null by @bruntib in #4823
- Collect analysis config files to report_dir/conf/ by @barnabasdomozi in #4826
- Extend SEI Cert guideline mapping for cppcheck and gcc analyzers by @gulyasgergely902 in #4804
- Fix PostgreSQL product creation with special ...
Contributors
Assets 2
v6.27.4
This is a security release that fixes a critical authorization issue. Please, upgrade your servers as soon as possible.
Corresponding CVE ID: CVE-2026-25660
Thanks for @mtolley for reporting this issue.
- Add missing VIEW permission check 7d60d1e
- Additional logic for handling missing auth sessions 75b3913
- Relax permissions requirements for task management fd9f405
- [fix] Fix invisible chars in error plist (#4809)
Full Changelog: v6.27.3...v6.27.4
Contributors
Assets 2
v6.27.3
v6.27.2
Bug fixes
- Fix: Handle empty stdin gracefully in fixit command #4766
- [fix] Can't list server instances at PyPI installation #4757
- Fix fnmatch.translate() in skiplist handler #4754
- [fix] Fix fnmatch regex generation assert #4753
- [fix] "CodeChecker checkers" crash when infer used #4748
- Fix the issue where the ReportTree component remains in a loading state when the result exceeds MAX_QUERY_SIZE #4747
- [fix] Crash on non-existing variable #4742
- Log full OS error message when the connection fails #4740
Enhancement
- [fix] Add -j flag to "CodeChecker store"#4763
- Added flags to set server processes #4772
- Remove store_time.log #4770
Configuration
- Add "-fdump-rtl.*" to ignored GCC compiler options#4765
- [add] add severity for sarif #4761
- [analyzer] Completely remove -analyzer-opt-analyze-headers #4760
- [analyzer] Remove -analyzer-opt-analyze-headers flag #4752
- Upgrade deps #4751
- [fix] Missing OWASP Top10 link from checker labels #4749
- Print analysis length with 2 decimals #4745
- Upgrade SQLAlchemy to version 2.0 #4729
- [refactor] Do not use pinned versions in requirements.txt #4714
v6.27.1
v6.27.0
🌟 Highlights
Asynchronous Store
CodeChecker changes it's store execution model from synchronous to asynchronous mode.
The CodeChecker store command will not have to wait synchronously for the server to finish the storage procedure of the reports, but can seamlessly continue execution after the store process started. Then later, it can query the status of the storage task from the server.
This provides more stable report storage procedures as many users expereinced broken TCP connections during large analysis results storage batches.
CodeChecker will provide a command line utility for admins to query ongoing/finished/cancelled storage processes with filtering option.
❯ build/CodeChecker/bin/CodeChecker cmd serverside-tasks --enqueued-after 2024:08:19 --status cancelled
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Token | Machine | Type | Summary | Status | Product | User | Enqueued | Started | Last seen | Completed | Cancelled?
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
8b62497c7d1b7e3945445f5b9c3951d97ae07e58f97cad60a0187221e7d1e2ba | xxxxxxxxxxxxx:8001 | taskService::DummyTask | Dummy task for testing purposes | CANCELLED | | | 2024-08-19 15:55:34 | 2024-08-19 15:55:34 | 2024-08-19 15:55:35 | 2024-08-19 15:55:35 | Yes
6fa0097a9bd1799572c7ccd2afc0272684ed036c11145da7eaf40cc8a07c7241 | xxxxxxxxxxxxx:8001 | taskService::DummyTask | Dummy task for testing purposes | CANCELLED | | | 2024-08-19 15:55:53 | 2024-08-19 15:55:53 | 2024-08-19 15:55:53 | 2024-08-19 15:55:53 | Yes
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Detailed analysis status command
CodeChecker parse --status ./report_dir [--detailed] [-e json]
This command provides a clear overview of the current state of analysis results within the report directory, indicating which reports are up to date, which are outdated, which analyses have failed, and which files were never processed (e.g. skipped).
Example output:
----==== Summary ====----
Up-to-date analysis results
clangsa: 311
clang-tidy: 311
Outdated analysis results
Failed to analyze
clangsa: 20
clang-tidy: 20
Missing analysis results
clangsa: 18
clang-tidy: 18
cppcheck: 349
Total analyzed compilation commands: 331
Total available compilation commands: 349
----=================----
The --detailed flag shows the exact files involved instead of just counts. For automated workflows, the -e json option provides the status info in a format that can be easily processed.
New Component Filter mode: single-origin-report
A new report filter option is introduced to CodeChecker: Single Origin mode. This option makes it possible to filter only those reports which are contained entirely within a source code component. To use it, select the "Single Origin" mode when editing the Source Component filter in the Reports view.
This new option is also available from the command line using the --single-origin-report argument. E.g:
CodeChecker cmd results --single-origin-report --component my_component ...
Highlight non-compliant guideline rules
Non-compliant rules are highlighed in the SEI-Cert statistics and compliant rules can be hidden.
[feat] Highlight non-compliant rules in the Guideline statistics by @noraz31 in #4616
Navigable numbers in the product statistics page
The values of the outstanding reports graph are now clickable.
[feat] Show found issues on a given date from statistics by @gulyasgergely902 in #4615
What's Changed
- [ci] Add CodeChecker analyze to GitHub Actions by @gulyasgergely902 in #4604
- [fix] Fix codechecker GitHub gating by @gulyasgergely902 in #4623
- [feat] Show found issues on a given date from statistics by @gulyasgergely902 in #4615
- [feat] Highlight non-compliant rules in the Guideline statistics by @noraz31 in #4616
- [fix] Cppcheck suppress unusedFunction checker only once by @bruntib in #4599
- [fix] Fix github gating authentication issue by @gulyasgergely902 in #4630
- [fix] Fix statistics page components by @gulyasgergely902 in #4631
- [fix] Fix updating fixed_at time by @gulyasgergely902 in #4621
- Typo fix by @bruntib in #4639
- Upgrade psycopg2-binary to 2.9.10 by @bruntib in #4640
- [feat] Store hashed pwds in server config by @dr-antimonious in #4641
- Upgrade pg8000 to 1.31.4 by @bruntib in #4644
- Bump urllib3 from 2.2.2 to 2.5.0 in /scripts/labels by @dependabot[bot] in #4605
- Manage secrets outside of server_config.json by @barnabasdomozi in #4633
- feat(server): Asynchronous server-side background task execution by @bruntib in #4603
- Update psutils to version with wheels by @elupus in #4499
- [doc] Fix documentation link by @bruntib in #4652
- Rework config_directory by @barnabasdomozi in #4645
- [doc] Fix section links in readthedocs.io documentation by @bruntib in #4653
- [fix] Parallelize parse_unique_log to speed-up ~nproc times by @irishrover in #4607
- fix link ref in usage.md by @SimonHeimberg in #4655
- [report-converter] Improve documentation maintainability by @gamesh411 in #4424
- Url format checker doesn't recognize - as part of url by @feyruzb in #4627
- Bump requests from 2.32.3 to 2.32.4 in /web/requirements_py/auth by @dependabot[bot] in #4598
- 6512 documentation on GitHub gating by @gulyasgergely902 in #4634
- feat(cmd): Implemented a CLI for task management by @bruntib in #4609
- [fix] get analyzer name from SARIF report by @Rayzedan in #4671
- Replace CTU query functions to ClangSA by @bruntib in #4672
- Fix ClangTidy default hash type in codechecker_report_converter by @barnabasdomozi in #4661
- [fix] ld_logger not available in MacOS by @bruntib in #4673
- Guideline stats sorting issue by @gulyasgergely902 in #4681
- Fix statistics numbers by @gulyasgergely902 in #4680
- Async store 3 by @bruntib in #4662
- [fix] The hash should mach the package in package-lock.json by @bruntib in #4687
New Contributors
- @Marsman1996 made their first contribution in #4618
- @dr-antimonious made their first contribution in #4641
- @elupus made their first contribution in #4499
- @SimonHeimberg made their first contribution in #4655
- @salticecream made their first contribution in #4654
- @Rayzedan made their first contribution in #4671
Full Changelog: v6.26.2...v6.27.0
Contributors
Assets 2
v6.27.0-rc1
🌟 Highlights
Asynchronous Store
CodeChecker changes it's store execution model from synchronous to asynchronous mode.
The CodeChecker store command will not have to wait synchronously for the server to finish the storage procedure of the reports, but can seamlessly continue execution after the store process started. Then later, it can query the status of the storage task from the server.
CodeChecker will provide a command line utility for admins to query ongoing/finished/cancelled storage processes with filtering option.
❯ build/CodeChecker/bin/CodeChecker cmd serverside-tasks --enqueued-after 2024:08:19 --status cancelled
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Token | Machine | Type | Summary | Status | Product | User | Enqueued | Started | Last seen | Completed | Cancelled?
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
8b62497c7d1b7e3945445f5b9c3951d97ae07e58f97cad60a0187221e7d1e2ba | xxxxxxxxxxxxx:8001 | taskService::DummyTask | Dummy task for testing purposes | CANCELLED | | | 2024-08-19 15:55:34 | 2024-08-19 15:55:34 | 2024-08-19 15:55:35 | 2024-08-19 15:55:35 | Yes
6fa0097a9bd1799572c7ccd2afc0272684ed036c11145da7eaf40cc8a07c7241 | xxxxxxxxxxxxx:8001 | taskService::DummyTask | Dummy task for testing purposes | CANCELLED | | | 2024-08-19 15:55:53 | 2024-08-19 15:55:53 | 2024-08-19 15:55:53 | 2024-08-19 15:55:53 | Yes
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
What's Changed
- [ci] Add CodeChecker analyze to GitHub Actions by @gulyasgergely902 in #4604
- [fix] Fix codechecker GitHub gating by @gulyasgergely902 in #4623
- [feat] Show found issues on a given date from statistics by @gulyasgergely902 in #4615
- [feat] Highlight non-compliant rules in the Guideline statistics by @noraz31 in #4616
- [fix] Cppcheck suppress unusedFunction checker only once by @bruntib in #4599
- [fix] Fix github gating authentication issue by @gulyasgergely902 in #4630
- [fix] Fix statistics page components by @gulyasgergely902 in #4631
- [fix] Fix updating fixed_at time by @gulyasgergely902 in #4621
- Typo fix by @bruntib in #4639
- Upgrade psycopg2-binary to 2.9.10 by @bruntib in #4640
- [feat] Store hashed pwds in server config by @dr-antimonious in #4641
- Upgrade pg8000 to 1.31.4 by @bruntib in #4644
- Bump urllib3 from 2.2.2 to 2.5.0 in /scripts/labels by @dependabot[bot] in #4605
- Manage secrets outside of server_config.json by @barnabasdomozi in #4633
- feat(server): Asynchronous server-side background task execution by @bruntib in #4603
- Update psutils to version with wheels by @elupus in #4499
- [doc] Fix documentation link by @bruntib in #4652
- Rework config_directory by @barnabasdomozi in #4645
- [doc] Fix section links in readthedocs.io documentation by @bruntib in #4653
- [fix] Parallelize parse_unique_log to speed-up ~nproc times by @irishrover in #4607
- fix link ref in usage.md by @SimonHeimberg in #4655
- [report-converter] Improve documentation maintainability by @gamesh411 in #4424
- Url format checker doesn't recognize - as part of url by @feyruzb in #4627
- Bump requests from 2.32.3 to 2.32.4 in /web/requirements_py/auth by @dependabot[bot] in #4598
- 6512 documentation on GitHub gating by @gulyasgergely902 in #4634
- feat(cmd): Implemented a CLI for task management by @bruntib in #4609
- [fix] get analyzer name from SARIF report by @Rayzedan in #4671
- Replace CTU query functions to ClangSA by @bruntib in #4672
- Fix ClangTidy default hash type in codechecker_report_converter by @barnabasdomozi in #4661
- [fix] ld_logger not available in MacOS by @bruntib in #4673
- Guideline stats sorting issue by @gulyasgergely902 in #4681
- Fix statistics numbers by @gulyasgergely902 in #4680
- Async store 3 by @bruntib in #4662
- [fix] The hash should mach the package in package-lock.json by @bruntib in #4687
New Contributors
- @Marsman1996 made their first contribution in #4618
- @dr-antimonious made their first contribution in #4641
- @elupus made their first contribution in #4499
- @SimonHeimberg made their first contribution in #4655
- @salticecream made their first contribution in #4654
- @Rayzedan made their first contribution in #4671
Full Changelog: v6.26.2...v6.27.0-rc1
Contributors
Assets 2
v6.26.2
This is a bugfix release with minor feature updates the following highlights:
Security
This patch fixes a buffer overflow vulnerabilty in the CodeChecker log command line client. CVE-2025-40843
Other
- Fix gcc exception if it is enabled only but a clang analyzer config i…
- Add memory-safety guideline (https://github.com/Ericsson/codechecker/pull/4654[)](https://github.com/Ericsson/codechecker/commit/c2590be8eec6964962da5382a59d389e5c5b79b8)
- Parallelize parse_unique_log to speed-up ~nproc times
- [fix] Fix statistics page report numbers
- [feat] Simplify product overview tab in Statistics
- [feat] Store hashed pwds in server config
- [feat] Simplify product overview tab in Statistics
- [feat] Highlight non-compliant rules in the Guideline statistics
- [fix] Cppcheck suppress unusedFunction checker only once
Full Changelog: v6.26.1...v6.26.2
v6.26.1: [fix] Personal access token name fix
- Install "requests" Python dependency #4596
- [fix] Fix migration logging #4597
- [fix] Add global view permission requirement for viewing products #4608
- [feat] Sync group permissions with login provider to prevent out-of-sync groups. #4610
- [fix] Significant speed-up for create_actions_map and start_workers #4611
- Fix SeverityIcon color error #4618
- [fix] Blank page on invalid session token #4622
- [fix] Personal access token name fix #4628
Full Changelog: v6.26.0...v6.26.1