This demo session will show how we can easily check the sanity of code in our project. There is a tool named csmock, which takes an SRPM (or upstream tarball) and produces a list of possible defects in its code. Besides plug-ins for C/C++ analyzers (GCC, Clang, Cppcheck), csmock now comes with experimental plug-ins for static analysis of python and shell scripts. We will also discuss how we can efficiently process the results of these tools and how to integrate them into our workflow.
