---target:obj-x86_64-pc-linux-gnu# It is used by 'mach static-analysis' and 'phabricator static-analysis bot'# in order to have consistency across the used checkers.# All the clang checks used by the static-analysis tools.## To add a new checker:# 1. Add it in this file# 2. Create a C/C++ test case in tools/clang-tidy/test/ reproducing the# warning/error that the checker will detect# 3. Run './mach static-analysis autotest -d' to create the reference# 4. Check the json file in tools/clang-tidy/test/# 5. Commit this file + the .cpp test case + the json resultplatforms:-linux64-macosx64-win32-win64# Minimum clang-tidy version that is required for all the following checkers# to work properly.# This is also used by 'mach clang-format'package_version:"19.1.7"clang_checkers:-name:-*publish:!!boolno-name:bugprone-argument-commentreliability:high-name:bugprone-assert-side-effectreliability:high-name:bugprone-bool-pointer-implicit-conversionreliability:low-name:bugprone-forward-declaration-namespacereliability:high-name:bugprone-incorrect-roundingsreliability:high-name:bugprone-integer-divisionreliability:high-name:bugprone-macro-parenthesesreliability:medium-name:bugprone-macro-repeated-side-effectsreliability:high-name:bugprone-misplaced-widening-castreliability:high-name:bugprone-move-forwarding-referencereliability:high-name:bugprone-multiple-statement-macro# Incompatible with our code base, see bug 1496379.publish:!!boolnoreliability:high-name:bugprone-sizeof-expressionreliability:high-name:bugprone-string-constructorreliability:high-name:bugprone-string-integer-assignmentreliability:high-name:bugprone-suspicious-memset-usagereliability:high-name:bugprone-suspicious-missing-commareliability:high-name:bugprone-suspicious-semicolonreliability:high-name:bugprone-suspicious-string-comparereliability:high-name:bugprone-swapped-argumentsreliability:high-name:bugprone-switch-missing-default-casereliability:high-name:bugprone-too-small-loop-variablereliability:high-name:bugprone-unused-raiireliability:high-name:bugprone-use-after-movereliability:high-name:clang-analyzer-core.CallAndMessagereliability:medium-name:clang-analyzer-core.DivideZeroreliability:high-name:clang-analyzer-core.NonNullParamCheckerreliability:high-name:clang-analyzer-core.NullDereferencereliability:medium-name:clang-analyzer-core.UndefinedBinaryOperatorResultreliability:medium-name:clang-analyzer-core.uninitialized.Assignreliability:medium-name:clang-analyzer-core.uninitialized.Branchreliability:medium-name:clang-analyzer-cplusplus.Movereliability:high-name:clang-analyzer-cplusplus.NewDeletereliability:medium-name:clang-analyzer-cplusplus.NewDeleteLeaksreliability:medium-name:clang-analyzer-deadcode.DeadStoresreliability:high-name:clang-analyzer-optin.performance.Paddingreliability:highconfig:-key:AllowedPadvalue:2-name:clang-analyzer-security.FloatLoopCounterreliability:high-name:clang-analyzer-security.insecureAPI.bcmpreliability:high-name:clang-analyzer-security.insecureAPI.bcopyreliability:high-name:clang-analyzer-security.insecureAPI.bzeroreliability:high-name:clang-analyzer-security.insecureAPI.getpwreliability:high# We don't add clang-analyzer-security.insecureAPI.gets here; it's deprecated.-name:clang-analyzer-security.insecureAPI.mkstempreliability:high-name:clang-analyzer-security.insecureAPI.mktempreliability:high-name:clang-analyzer-security.insecureAPI.randreliability:low# C checker, that is outdated and doesn't check for the new std::rand calls.publish:!!boolno-name:clang-analyzer-security.insecureAPI.strcpyreliability:low# The functions that should be used differ on POSIX and Windows, and there# isn't a consensus on how we should approach this.publish:!!boolno-name:clang-analyzer-security.insecureAPI.UncheckedReturnreliability:low-name:clang-analyzer-security.insecureAPI.vforkreliability:medium-name:clang-analyzer-unix.Mallocreliability:high-name:clang-analyzer-unix.cstring.BadSizeArgreliability:high-name:clang-analyzer-unix.cstring.NullArgreliability:high-name:cppcoreguidelines-narrowing-conversionsreliability:high-name:cppcoreguidelines-pro-type-member-initreliability:medium-name:misc-include-cleaner# Disable this checker until we move to before/afterreliability:highpublish:!!boolno-name:misc-non-copyable-objectsreliability:high-name:misc-redundant-expressionreliability:medium-name:misc-unused-alias-declsreliability:high-name:misc-unused-using-declsreliability:high-name:modernize-avoid-bindrestricted-platforms:-win32-win64reliability:medium-name:modernize-concat-nested-namespacesreliability:high-name:modernize-deprecated-ios-base-aliasesreliability:high-name:modernize-loop-convertreliability:high-name:modernize-raw-string-literalreliability:high-name:modernize-redundant-void-argreliability:high# We still have some old C code that is built with a C compiler, so this# might break the build.publish:!!boolno-name:modernize-shrink-to-fitreliability:high-name:modernize-use-autoreliability:high# Controversial, see bug 1371052.publish:!!boolno-name:modernize-use-bool-literalsreliability:high-name:modernize-use-equals-defaultreliability:high-name:modernize-use-equals-deletereliability:high-name:modernize-use-nullptrreliability:high-name:modernize-use-overridereliability:low# Too noisy because of the way how we implement NS_IMETHOD. See Bug 1420366.publish:!!boolno-name:modernize-use-usingreliability:high-name:mozilla-*reliability:high-name:performance-avoid-endlreliability:high# enable from clang 18# - name: performance-enum-size# reliability: high-name:performance-faster-string-findreliability:high-name:performance-for-range-copyreliability:high-name:performance-implicit-conversion-in-loopreliability:high-name:performance-inefficient-algorithmrestricted-platforms:-linux64-macosx64reliability:high# Disable as the test does not support C++17 yetpublish:!!boolno-name:performance-inefficient-string-concatenationreliability:high-name:performance-inefficient-vector-operationreliability:high-name:performance-move-const-argreliability:highconfig:-key:CheckTriviallyCopyableMove# As per Bug 1558359 - disable detection of trivially copyable types# that do not have a move constructor.value:0-name:performance-move-constructor-initreliability:high-name:performance-noexcept-move-constructorreliability:high-name:performance-type-promotion-in-math-fnreliability:high-name:performance-unnecessary-copy-initializationreliability:high-name:performance-unnecessary-value-paramreliability:highconfig:-key:AllowedTypes# Allow EnumSet because it only has a non-trivial copy constructor# in debug builds.value:::mozilla::EnumSet-name:readability-braces-around-statementsreliability:highconfig:-key:ShortStatementLines# Allow `if (foo) return;` without braces# Still warns on `if (foo)\n return;`value:1-name:readability-const-return-typereliability:high# Note: this can be loosened up by using the ShortStatementLines option-name:readability-container-size-emptyreliability:high-name:readability-delete-null-pointerreliability:high-name:readability-else-after-returnreliability:highconfig:-key:WarnOnConditionVariables# Disable as we don't mind this kind of behaviorvalue:0-name:readability-implicit-bool-conversionreliability:low# On automation the config flags act strange. Please see Bug 1500241.publish:!!boolnoconfig:-key:AllowIntegerConditions# The check will allow conditional integer conversions.value:1-key:AllowPointerConditions# The check will allow conditional pointer conversions.value:1-name:readability-inconsistent-declaration-parameter-namereliability:high-name:readability-isolate-declaration# As per bug 1558987 - we don't want to have this enabledpublish:!!boolnoreliability:high-name:readability-magic-numbers# Bug 1553495 - we must see first its impact on our code.publish:!!boolnoreliability:high-name:readability-misleading-indentationreliability:high-name:readability-non-const-parameterreliability:high-name:readability-qualified-autoreliability:high-name:readability-redundant-control-flowreliability:high-name:readability-redundant-member-initreliability:high-name:readability-redundant-preprocessorreliability:high-name:readability-redundant-smartptr-getreliability:high-name:readability-redundant-string-cstrreliability:high-name:readability-redundant-string-initreliability:high-name:readability-static-accessed-through-instancereliability:high-name:readability-simplify-boolean-exprreliability:highconfig:-key:SimplifyDeMorgan# Don't want to enable DeMorgan expressions because of MOZ_ASSERT()# See Bug 1804160value:0-name:readability-uniqueptr-delete-releasereliability:high# We don't publish the google checkers since we are interested in only having# a general idea how our code complies with the rules added by these checkers.-name:google-build-explicit-make-pairreliability:lowpublish:!!boolno-name:google-build-namespacesreliability:lowpublish:!!boolno-name:google-build-using-namespacereliability:lowpublish:!!boolno-name:google-default-argumentsreliability:lowpublish:!!boolno-name:google-explicit-constructorreliability:lowpublish:!!boolno-name:google-global-names-in-headersreliability:lowpublish:!!boolno-name:google-readability-castingreliability:lowpublish:!!boolno-name:google-readability-function-sizereliability:lowpublish:!!boolno-name:google-readability-namespace-commentsreliability:lowpublish:!!boolno-name:google-readability-todoreliability:lowpublish:!!boolno-name:google-runtime-intreliability:lowpublish:!!boolno-name:google-runtime-operatorreliability:lowpublish:!!boolno-name:google-runtime-referencesreliability:lowpublish:!!boolno