csmock (1) - Linux Manuals

csmock: run static analysis of the given SRPM using mock


csmock - run static analysis of the given SRPM using mock


usage: csmock [-h] [-r MOCK_PROFILE] [-t TOOLS] [-a] [-l]
[--install LIST_OF_PKGS] [-o OUTPUT] [-f] [-j JOBS] [--cswrap-timeout CSWRAP_TIMEOUT] [-U EMBED_CONTEXT] [-k] [--no-clean] [--no-scan] [--print-defects] [--no-print-defects] [--base-srpm BASE_SRPM] [--base-root BASE_MOCK_PROFILE] [--skip-patches | --diff-patches | -c SHELL_CMD] [--version] [SRPM]

positional arguments:

source RPM package to be scanned by static analyzers

optional arguments:

-h, --help
show this help message and exit
mock profile to use (defaults to mock's default)
-t TOOLS, --tools TOOLS
comma-spearated list of tools to enable (use --listavailable-tools to see the list of available tools)
-a, --all-tools
enable all available tools (use --list-available-tools to see the list of available tools)
-l, --list-available-tools
list available tools and exit
--install LIST_OF_PKGS
space-separated list of packages to install into the chroot
-o OUTPUT, --output OUTPUT
name of the tarball or directory to put the results to
-f, --force
overwrite the resulting file or directory if it exists already
-j JOBS, --jobs JOBS
maximal number of jobs running in parallel (passed to 'make')
--cswrap-timeout CSWRAP_TIMEOUT
maximal amount of time taken by analysis of a single module [s]
embed a number of lines of context from the source file for the key event (defaults to 3).
-k, --keep-going
continue as much as possible after an error
do not clean chroot when it becomes unused
do not analyze any package, just check versions of the analyzers
print the resulting list of defects (default if connected to a tty)
disables --print-defects
--base-srpm BASE_SRPM
perform a differential scan against the specified base pacakge
mock profile to use for the base scan (use only with --base-srpm)
skip patches not annotated by %{?_rawbuild} (vanilla build)
scan with/without patches and diff the lists of defects
-c SHELL_CMD, --shell-cmd SHELL_CMD
use shell command to build the given tarball (instead of SRPM)
print the version of csmock and exit


If not overridden by the --output option, csmock creates an archive NVR.tar.xz in the current directory for an SRPM named NVR.src.rpm (or NVR.tar.* if the --shell-cmd option is used). The archive contains a directory named NVR as the only top-level directory, containing the following items:

scan-results.err - scan results encoded as plain-text (for source code editors)

scan-results.html - scan results encoded as HTML (suitable for web browsers)

scan-results.js - scan results, including scan metadata, encoded using JSON

scan-results-summary.txt - total count of defects found by particular checkers

scan.ini - scan metadata encoded in the INI format

scan.log - scan log file (useful for debugging scan failures)

debug - a directory containing additional data (intended for csmock debugging)

Note that external plug-ins of csmock may create additional files (not covered by this man page) in the directory with results.