Scan-build, the current bug viewer Clang Static Analyzer front-end tool has some scalability issues and limitations.
For example, scan-build creates static HTML reports, storing whole source files as many times as they are included in a report.
Incremental bug reporting (show only new bugs compared to a baseline) and false positive suppression is not supported either.
To address these issues, back in July we published CodeChecker on GitHub ( https://github.com/Ericsson/codechecker ),
a new defect storage and management infrastructure for Clang Static Analyzer (written in python). We also gave a talk about this in Euro LLVM 2015 (http://llvm.org/devmtg/2015-04/).
The most important features are the following:
scalable dynamic web based defect viewer (instead of static html)
a new command line tool for analyzing projects which is usable in CI scripts
a PostgreSQL based defect storage & management
incremental bug reporting (show only new bugs compared to a baseline)
suppression of false positives
better integration with build systems (through the LD_PRELOAD mechanism)
Apache Thrift API based server-client model for storing bugs and viewing results.
It is possible to connect multiple bug viewers. Currently a web-based viewer and a command line viewer are provided.
Since its publication we have fixed many errors, addressed user-feedbacks and now I think it is mature enough.
We could release the tool under LLVM license.
If you agree, this tool could be part of the llvm/clang source tree, possibly besides scan-build (or a separate llvm repository?).
I am not sure about the official process.
Can anyone help with this?