Questions about code reviews and static analysis tools for TU Delft research

Hi everyone,

I'm doing research on code reviews and static analysis tools at the SERG group (http://swerl.tudelft.nl/bin/view/Main/WebHome) of the Delft University of Technology. Currently, we want to give an overview of the usage of code review and static analysis tools in open source projects. Therefore, I would be very happy to know a little bit more about how code reviews are used in Clang and if (and maybe how) static analysis tools are used. I have a couple of questions for anyone willing to answer:

1. Do all developers (contributors and core developers) have to submit a code review for every change? I’m asking because many projects only review changes made by contributors.

2. Which code review tools are used?

3. Are static analyzers used? If they are used:
  a. Is passing the checks of the static analyzers necessary for a change to be accepted?
  b. Which static analyzers are used?

Thanks,

Radjino

Hi everyone,

I'm doing research on code reviews and static analysis tools at the SERG
group (http://swerl.tudelft.nl/bin/view/Main/WebHome) of the Delft
University of Technology. Currently, we want to give an overview of the
usage of code review and static analysis tools in open source projects.
Therefore, I would be very happy to know a little bit more about how code
reviews are used in Clang and if (and maybe how) static analysis tools are
used. I have a couple of questions for anyone willing to answer:

1. Do all developers (contributors and core developers) have to submit a
code review for every change? I’m asking because many projects only review
changes made by contributors.

Not exactly (& not sure what definition of 'contributor' you are using).
Pre-commit review is used by anyone who doesn't have commit rights and used
at best judgment by those who do (if you're committing to an unfamiliar
area, or a large/contentious patch, you might send it for review even
though you have commit access). Post-commit review happens on everything
(we just reply to auto-generated commit emails with any extra feedback we
have) though it's not enforced in any way. (nothing checks that every
commit is actually reviewed)

2. Which code review tools are used?

Email and sometimes Phabricator.

3. Are static analyzers used? If they are used:

Not really

  a. Is passing the checks of the static analyzers necessary for a change
to be accepted?

No

  b. Which static analyzers are used?

I don't think we have any bots running any SA systems, but I guess some
people run them manually from time to time and cleanup things.

Thanks for answering David, I appreciate it.

  • Radjino