Skip to content

build: add clang-tidy integration#14660

Merged
lovesegfault merged 3 commits intoNixOS:masterfrom
lovesegfault:clang-tidy
Mar 17, 2026
Merged

build: add clang-tidy integration#14660
lovesegfault merged 3 commits intoNixOS:masterfrom
lovesegfault:clang-tidy

Conversation

@lovesegfault
Copy link
Copy Markdown
Member

@lovesegfault lovesegfault commented Nov 26, 2025
edited
Loading

Motivation

Just early days, partially a side-port of how Lix achieved this :)

Context

Fixes: #11839

Add 👍 to pull requests you find important.

The Nix maintainer team uses a GitHub project board to schedule and track reviews.

@xokdvium
Copy link
Copy Markdown
Contributor

xokdvium commented Nov 26, 2025

Needs proper attribution to lix contributors tho

@lovesegfault
Copy link
Copy Markdown
Member Author

lovesegfault commented Nov 26, 2025

Yeah, I think we need to figure out how to do that (Co-Authored-By vs. notice in files vs. referencing the change-id from gerrit in the commit, etc)

@lovesegfault lovesegfault force-pushed the clang-tidy branch 2 times, most recently from a0d63e1 to 5d11241 Compare November 26, 2025 21:39
@Mic92
Copy link
Copy Markdown
Member

Mic92 commented Nov 27, 2025

Yeah, I think we need to figure out how to do that (Co-Authored-By vs. notice in files vs. referencing the change-id from gerrit in the commit, etc)

Co-authored-by is what we tended to do and referencing commit urls in messages.

@lovesegfault
Copy link
Copy Markdown
Member Author

lovesegfault commented Dec 2, 2025

Fixed with proper attribution :)

@xokdvium xokdvium mentioned this pull request Mar 11, 2026
Closed
@lovesegfault lovesegfault requested a review from xokdvium March 12, 2026 00:52
@lovesegfault
Copy link
Copy Markdown
Member Author

lovesegfault commented Mar 12, 2026

@xokdvium i think this is good to go?

@xokdvium
Copy link
Copy Markdown
Contributor

xokdvium commented Mar 12, 2026

Yeah this has been in my mind. Will review in the next few days. Very pumped to have this!

xokdvium
xokdvium reviewed Mar 12, 2026
View reviewed changes
xokdvium
xokdvium approved these changes Mar 12, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@xokdvium xokdvium left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some minor comments and nitpicks. Otherwise seems great!

@xokdvium
Copy link
Copy Markdown
Contributor

xokdvium commented Mar 12, 2026

The CI needs some massaging. My CRTP mixin for CloneableError seems to anger clang-tidy :)

@xokdvium
Copy link
Copy Markdown
Contributor

xokdvium commented Mar 17, 2026

Ah nice, could we backport the second commit?

xokdvium
xokdvium reviewed Mar 17, 2026
View reviewed changes
lovesegfault and others added 3 commits March 17, 2026 01:59
@lovesegfault
fix(libutil): make CloneableError CRTP-safe
d65d9a9 
The CRTP mixin had a publicly-accessible implicit default constructor,
allowing misuse like 'class Foo : CloneableError<Bar, Error>' where
Foo != Bar. clang-tidy's bugprone-crtp-constructor-accessibility flags
this.

Make construction private and befriend Derived. The explicit defaulted
constructor is required: 'using Base::Base' does not count as
user-declared for purposes of suppressing the implicit (public) default.
The MakeError macro's 'using CloneableError<...>::CloneableError'
re-export continues to work because the derived class is the friend.
@lovesegfault
fix(libutil): hoist fd.get() out of unsequenced lambda init-capture
24e9a76 
In seekableGetNarBytes(path), the lambda init-captures
'inner = seekableGetNarBytes(fd.get())' and 'fd = ...std::move(fd)...'
are unsequenced: C++ does not guarantee left-to-right evaluation of
init-captures. If the move evaluates first, fd.get() reads from a
moved-from AutoCloseFD.

Hoist the inner call before the lambda to sequence it explicitly.

Caught by clang-tidy's bugprone-use-after-move.
@lovesegfault @lf-
build: add clang-tidy integration
9078eb9 
- Add meson infrastructure for clang-tidy in nix-meson-build-support/common/clang-tidy/
  with compile_commands.json cleaning and parallel runner
- Create custom clang-tidy plugin scaffolding in src/clang-tidy-plugin/
- Add enableClangTidyLayer in packaging/components.nix that runs clang-tidy
  on all C++ components via postBuild hook
- Add clangTidy Hydra job in packaging/hydra.nix
- Add clang-tidy CI job in .github/workflows/ci.yml to enforce on PRs
- Document usage in doc/manual/source/development/static-analysis.md

Uses debug build mode and skips tests for faster CI. Warnings are treated
as errors to catch issues early.

Inspired by Lix's clang-tidy implementation.

Lix Change-Ids:
- I1d2aa6ec32deb1db1fbd581127334db1b972323c
- I3df5f5855712ab4f97d4e84d771e5e818f81f881
- Ifefe533f3b56874795de231667046b2da6ff2461
- Ifca22e443d357762125f4ad6bc4f568af3a26c62

Co-Authored-By: Jade Lovelace <lix@jade.fyi>
@lovesegfault lovesegfault enabled auto-merge March 17, 2026 02:14
@lovesegfault lovesegfault added this pull request to the merge queue Mar 17, 2026
Merged via the queue into NixOS:master with commit f2d4cc7 Mar 17, 2026
16 checks passed
@lovesegfault lovesegfault deleted the clang-tidy branch March 17, 2026 03:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@xokdvium xokdvium xokdvium approved these changes

@edolstra edolstra Awaiting requested review from edolstra edolstra is a code owner

@Ericson2314 Ericson2314 Awaiting requested review from Ericson2314

@roberth roberth Awaiting requested review from roberth

+1 more reviewer

@Eveeifyeve Eveeifyeve Eveeifyeve approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

documentation

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Making use of static analysis to find bugs and UB

4 participants

@lovesegfault @xokdvium @Mic92 @Eveeifyeve