1CSMOCK(1)                        User Commands                       CSMOCK(1)
2
3
4

NAME

6       csmock - run static analysis of the given SRPM using mock
7

DESCRIPTION

9       usage: csmock [-h] [-r MOCK_PROFILE] [-t TOOLS] [-a] [-l]
10
11              [--install    LIST_OF_PKGS]   [-o   OUTPUT]   [-f]   [-j   JOBS]
12              [--cswrap-timeout  CSWRAP_TIMEOUT]   [-U   EMBED_CONTEXT]   [-k]
13              [--skip-init]    [--no-clean]    [--no-scan]   [--print-defects]
14              [--no-print-defects]   [--base-srpm   BASE_SRPM]    [--base-root
15              BASE_MOCK_PROFILE]   [--skip-patches   |   --diff-patches  |  -c
16              SHELL_CMD]  [--defect-blacklist  DEFECT_BLACKLIST]   [--version]
17              [SRPM]
18
19   positional arguments:
20       SRPM   source RPM package to be scanned by static analyzers
21
22   optional arguments:
23       -h, --help
24              show this help message and exit
25
26       -r MOCK_PROFILE, --root MOCK_PROFILE
27              mock profile to use (defaults to mock's default)
28
29       -t TOOLS, --tools TOOLS
30              comma-spearated  list  of  tools  to  enable  (use  --listavail‐
31              able-tools to see the list of available tools)
32
33       -a, --all-tools
34              enable all available tools (use  --list-available-tools  to  see
35              the list of available tools)
36
37       -l, --list-available-tools
38              list available tools and exit
39
40       --install LIST_OF_PKGS
41              space-separated list of packages to install into the chroot
42
43       -o OUTPUT, --output OUTPUT
44              name of the tarball or directory to put the results to
45
46       -f, --force
47              overwrite the resulting file or directory if it exists already
48
49       -j JOBS, --jobs JOBS
50              maximal number of jobs running in parallel (passed to 'make')
51
52       --cswrap-timeout CSWRAP_TIMEOUT
53              maximal amount of time taken by analysis of a single module [s]
54
55       -U EMBED_CONTEXT, --embed-context EMBED_CONTEXT
56              embed  a number of lines of context from the source file for the
57              key event (defaults to 3).
58
59       -k, --keep-going
60              continue as much as possible after an error
61
62       --skip-init
63              do not run 'mock --init' before the scan  (may  lead  to  unpre‐
64              dictable scan results)
65
66       --no-clean
67              do not clean chroot when it becomes unused
68
69       --no-scan
70              do not analyze any package, just check versions of the analyzers
71
72       --print-defects
73              print  the  resulting list of defects (default if connected to a
74              tty)
75
76       --no-print-defects
77              disables --print-defects
78
79       --base-srpm BASE_SRPM
80              perform a differential scan against the specified base pacakge
81
82       --base-root BASE_MOCK_PROFILE
83              mock  profile  to  use  for  the  base  scan  (use   only   with
84              --base-srpm)
85
86       --skip-patches
87              skip patches not annotated by %{?_rawbuild} (vanilla build)
88
89       --diff-patches
90              scan with/without patches and diff the lists of defects
91
92       -c SHELL_CMD, --shell-cmd SHELL_CMD
93              use shell command to build the given tarball (instead of SRPM)
94
95       --defect-blacklist DEFECT_BLACKLIST
96              suppress  known  false  positives  loaded  from  the  given file
97              (defaults to "/usr/share/csmock/defectblacklist.err"  if  avail‐
98              able)
99
100       --version
101              print the version of csmock and exit
102

OUTPUT FORMAT

104       If  not  overridden  by  the --output option, csmock creates an archive
105       NVR.tar.xz in the current directory for an SRPM named  NVR.src.rpm  (or
106       NVR.tar.*  if  the --shell-cmd option is used).  The archive contains a
107       directory named NVR as the only  top-level  directory,  containing  the
108       following items:
109
110       scan-results.err  - scan results encoded as plain-text (for source code
111       editors)
112
113       scan-results.html - scan results encoded  as  HTML  (suitable  for  web
114       browsers)
115
116       scan-results.js  - scan results, including scan metadata, encoded using
117       JSON
118
119       scan-results-summary.txt - total count of defects found  by  particular
120       checkers
121
122       scan.ini - scan metadata encoded in the INI format
123
124       scan.log - scan log file (useful for debugging scan failures)
125
126       debug  -  a  directory  containing additional data (intended for csmock
127       debugging)
128
129       Note that external plug-ins of csmock may create additional files  (not
130       covered by this man page) in the directory with results.
131
132
133
134csmock csmock-2.3.0-2.fc31         July 2019                         CSMOCK(1)
Impressum