TL;DR -- “reviewbot” is now enabled in Phabricator. It reports potential
defects in pending patches for Firefox.
Last year, we announced Code Review Bot (“reviewbot”, née “clangbot”), a
Taskcluster bot that analyzes every patch submitted to MozReview, in order
to automatically detect and report code defects *before* they land in
Nightly:
https://groups.google.com/d/msg/mozilla.dev.platform/TFfjCRdGz_E/8leqTqvBCAAJ
Developer feedback has been very positive, and the bot has caught many
defects, thus improving the quality of Firefox.
Today, we’re happy to announce that reviewbot analyzes every patch
submitted to Phabricator as well.
Here is an example of an automated review in Phabricator:
https://phabricator.services.mozilla.com/D2120
Additionally, we’ve made a number of improvements to this bot over the past
months. Notably:
- Enabled several clang-tidy checks to catch more C/C++ defects (e.g.
performance and security issues)
- Integrated Mozlint in order to catch JS/Python/wpt defects as well
- Fixed several bugs, like the lowercase code snippets in comments
- We’re now detecting up to 5x more defects in some patches
Please report any bugs with the bot here:
https://bit.ly/2tb8Qk3
As for next steps, we’re currently discussing a few ideas for the project’s
future, including:
- Catch more bugs by comparing defects before & after a patch is applied
(currently, we report defects located on lines that are directly modified
by the patch)
- Evaluate which defect types are generally being fixed or ignored
- Evaluate analyzing Rust code with rust-clippy
- Help with coding style by leveraging clang-format
- Integrate more deeply with Phabricator, e.g. by reporting a build status
for our analysis
- Integrate our analysis with Try, in order to unify our various CI and
code analysis tools
Many thanks to everyone who helped make this a reality: Bastien, who did
most of the implementation and bug fixing, Marco, Andi, Calixte, Sylvestre,
Ahal, the Release Management Analysis team and the Engineering Workflow
team.
Jan