a6262cf3f0
Summary: Bumps [infer-annotation](https://github.com/facebook/infer) from 0.11.2 to 0.18.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/facebook/infer/releases">infer-annotation's releases</a>.</em></p> <blockquote> <h2>Infer version 0.17.0</h2> <p>This is a binary release of Infer for Linux and MacOS. To use it follow these <a href="http://fbinfer.com/docs/getting-started.html">instructions</a>.</p> <h4>Highlights:</h4> <ul> <li>There’s a new <code>--inefficient-keyset-iterator</code> checker for finding inefficient uses of Java's keyset iterators that retrieve both key and value (on by default).</li> <li>Complete the set of Android thread annotations and Java nullability annotations. Updated artifacts are available on <a href="https://search.maven.org/artifact/com.facebook.infer.annotation/infer-annotation/0.17.0/jar">Maven Central</a>.</li> <li><code>--starvation</code> is now on by default. This analysis catches problems with threads not being able to make progress due to locking issues, incorrect scheduling priorities, etc. For instance, on Android calling Future.get from a UiThread without a sensible timeout will be flagged as a starvation issue.</li> <li>New Objective-C linter for calls to <code>optional</code> methods: <code>UNSAFE_CALL_TO_OPTIONAL_METHOD</code>, enabled by default.</li> <li>A new call-graph scheduler (<code>--call-graph-schedule</code>) improves performance of the analysis phase of Infer, especially when the number of files to analyze is less than available CPUs.</li> <li>A new flag <code>--oom-threshold</code> allows to throttle the analysis when the amount of free memory is below the provided threshold.</li> <li>New genrule based Buck/Java integration is much faster than the previous one, use with <code>--genrule-master-mode</code>.</li> <li>Infer’s internal clang is now in version 8.0.0.</li> <li>Update to javalib 3.1 provides better compatibility with Java 9 and Java 11. Refer to <a href="https://github.com/javalib-team/javalib/blob/master/CHANGELOG">their change log</a> for more details.</li> <li>Infer can now be built and run on MacOS Mojave without fiddling with <code>SDKROOT</code> (although you still might need it with non-standard toolchain setup).</li> <li>[β] <strong>Pulse</strong> is a new experimental lifetime analysis for C++, give it a try with <code>--pulse</code>. Beware that it doesn’t report much yet.</li> <li><code>--ownership</code> checker was superseded by Pulse and removed.</li> </ul> <p>... and many other fixes and improvements. For the full list of changes included see <a href="https://github.com/facebook/infer/compare/v0.16.0...v0.17.0">here</a>.</p> <p>The facebook-clang-plugins version used for this release is <a href="https://github.com/facebook/facebook-clang-plugins/commit/9386890e42043d04f9">https://github.com/facebook/facebook-clang-plugins/commit/9386890e42043d04f9</a> cd9e7b204cb525d4417c41.</p> <p>The sha256 checksums of the tarballs are:</p> <pre><code>$ shasum -a 256 infer-*-v0.17.0.tar.xz de972ba3043f18b29a8eff6cd7612e24f5ffaef038dc7949befeaf490931725e infer-linux64-v0.17.0.tar.xz 1a3ef6fb51846ae63ffd7fde3b0255f75bab6157f5de1842606fa32988d101f8 infer-osx-v0.17.0.tar.xz </code></pre> <h2>Infer version 0.16.0</h2> <p>This is a binary release of Infer for Linux and MacOS. To use it follow these <a href="http://fbinfer.com/docs/getting-started.html">instructions</a>.</p> <p>It's been a long time since the previous release, here are some new features and improvements you can find in this new release:</p> <p>Backend analyses:</p> <ul> <li>A brand new analysis to compute the runtime cost of methods and functions: passing <code>--cost</code> (off by default) to Infer will output a costs-report.json file describing, among others, the computational complexity of each function in the code using the big-O notation, eg <code>O(1)</code>, <code>O(list.length)</code>, ...</li> <li>The deadlock detection analysis has been ported to C++ and Objective-C and mainly focuses on self-deadlocks (taking a mutex twice). Activate with <code>--starvation</code> (off by default).</li> <li>The data race detector RacerD has been ported to Objective-C and detects races on fields protected by a C++ mutex. It reports "Thread Safety Violation" and "GuardedBy Violation" errors on Java and "Lock Consistency Violation" on C++ and Objective-C. Activate with <code>--racerd</code> (on by default).</li> <li>A progress bar is displayed while the analysis is running</li> <li>Countless improvements and tweaks, in particular in RacerD and in analyses for C++.</li> </ul> <p>Frontends:</p> <ul> <li>Infer now ships with clang version 7.0.1</li> <li>Support for Java up to version 11</li> </ul> <p>The sha256 checksums of the tarballs are:</p> <pre><code></tr></table> </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/facebook/infer/blob/master/Changelog.md">infer-annotation's changelog</a>.</em></p> <blockquote> <h2>Version 0.17.0</h2> <ul> <li>There's a new <code>--inefficient-keyset-iterator</code> checker for finding inefficient uses of Java's keyset iterators that retrieve both key and value (on by default).</li> <li>Complete the set of Android thread annotations and Java nullability annotations. Updated artifacts are available on <a href="https://search.maven.org/artifact/com.facebook.infer.annotation/infer-annotation/0.17.0/jar">Maven Central</a>.</li> <li><code>--starvation</code> is now on by default. This analysis catches problems with threads not being able to make progress due to locking issues, incorrect scheduling priorities, etc. For instance, on Android calling Future.get from a UiThread without a sensible timeout will be flagged as a starvation issue.</li> <li>New Objective-C linter for calls to <code>optional</code> methods: <code>UNSAFE_CALL_TO_OPTIONAL_METHOD</code>, enabled by default.</li> <li>A new call-graph scheduler (<code>--call-graph-schedule</code>) improves performance of the analysis phase of Infer, especially when the number of files to analyze is less than available CPUs.</li> <li>A new flag <code>--oom-threshold</code> allows to throttle the analysis when the amount of free memory is below the provided threshold.</li> <li>New genrule based Buck/Java integration is much faster than the previous one, use with <code>--genrule-master-mode</code>.</li> <li>Infer's internal clang is now in version 8.0.0.</li> <li>Update to javalib 3.1 provides better compatibility with Java 9 and Java 11. Refer to <a href="https://github.com/javalib-team/javalib/blob/master/CHANGELOG">their change log</a> for more details.</li> <li>Infer can now be built and run on MacOS Mojave without fiddling with <code>SDKROOT</code> (although you still might need it with non-standard toolchain setup).</li> <li>[β] <strong>Pulse</strong> is a new experimental lifetime analysis for C++, give it a try with <code>--pulse</code>. Beware that it doesn't report much yet.</li> <li><code>--ownership</code> checker was superseded by Pulse and removed.</li> </ul> <h2>Version 0.16.0</h2> <p>Backend analyses:</p> <ul> <li>A brand new analysis to compute the runtime cost of methods and functions: passing <code>--cost</code> (off by default) to Infer will output a costs-report.json file describing, among others, the computational complexity of each function in the code using the big-O notation, eg <code>O(1)</code>, <code>O(list.length)</code>, ...</li> <li>The deadlock detection analysis has been ported to C++ and Objective-C and mainly focuses on self-deadlocks (taking a mutex twice). Activate with <code>--starvation</code> (off by default).</li> <li>The data race detector RacerD has been ported to Objective-C and detects races on fields protected by a C++ mutex. It reports "Thread Safety Violation" and "GuardedBy Violation" errors on Java and "Lock Consistency Violation" on C++ and Objective-C. Activate with <code>--racerd</code> (on by default).</li> <li>A progress bar is displayed while the analysis is running</li> <li>Countless improvements and tweaks, in particular in RacerD and in analyses for C++.</li> </ul> <p>Frontends:</p> <ul> <li>Infer now ships with clang version 7.0.1</li> <li>Support for Java up to version 11</li> </ul> <h2>Version 0.15.0</h2> <ul> <li>switch infer license to MIT</li> <li>publish binaries</li> <li>[clang] lots of improvements to the frontend</li> </ul> <h2>Version 0.14.0</h2> <ul> <li>New checker: <code>--ownership</code> detects a subset of use-after-free issues due to bad manual memory management. This is a rough prototype of Rust-style borrow checker for C++. (enabled by default, C++)</li> <li>New checker: <code>--uninit</code> detects uses of uninitialized values (enabled by default, C/C++/Objective-C)</li> <li>New checker: <code>--racerd</code> now also detects inconsistent lock usage in C++. Also improved the lock domain to reduce false positives for all languages.</li> <li>Improved C++ support: destructors are now properly translated; addresses and pointers are handled more precisely</li> <li>Improved retain cycles detection (Objective-C)</li> <li>Upgraded the internal clang to clang 7</li> <li>[internal] SQLite is being used to store some of infer's analysis artefacts instead of storing them in files on disk. This improves analysis speed and reduces load on the OS.</li> </ul> <h2>Version 0.13.1</h2> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/facebook/infer/commits/infer-annotation-0.18.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `dependabot rebase` will rebase this PR - `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `dependabot merge` will merge this PR after your CI passes on it - `dependabot squash and merge` will squash and merge this PR after your CI passes on it - `dependabot cancel merge` will cancel a previously requested merge and block automerging - `dependabot reopen` will reopen this PR if it is closed - `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Pull Request resolved: https://github.com/facebook/flipper/pull/2044 Reviewed By: nikoant Differential Revision: D26947169 Pulled By: passy fbshipit-source-id: 2158ae6518094e8521f3a2c21f9e62bb6bb8dacf
Flipper
Flipper (formerly Sonar) is a platform for debugging mobile apps on iOS and Android. Visualize, inspect, and control your apps from a simple desktop interface. Use Flipper as is or extend it using the plugin API.
Table of Contents
- Mobile development
- Extending Flipper
- Contributing to Flipper
- In this repo
- Getting started
- Building from Source
- iOS SDK + Sample App
- Android SDK + Sample app
- Documentation
- Contributing
- License
Mobile development
Flipper aims to be your number one companion for mobile app development on iOS and Android. Therefore, we provide a bunch of useful tools, including a log viewer, interactive layout inspector, and network inspector.
Extending Flipper
Flipper is built as a platform. In addition to using the tools already included, you can create your own plugins to visualize and debug data from your mobile apps. Flipper takes care of sending data back and forth, calling functions, and listening for events on the mobile app.
Contributing to Flipper
Both Flipper's desktop app and native mobile SDKs are open-source and MIT licensed. This enables you to see and understand how we are building plugins, and of course, join the community and help to improve Flipper. We are excited to see what you will build on this platform.
In this repo
This repository includes all parts of Flipper. This includes:
- Flipper's desktop app built using Electron (
/desktop) - native Flipper SDKs for iOS (
/iOS) - native Flipper SDKs for Android (
/android) - Plugins:
- Logs (
/desktop/src/device-plugins/logs) - Layout inspector (
/desktop/plugins/layout) - Network inspector (
/desktop/plugins/network) - Shared Preferences/NSUserDefaults inspector (
/desktop/plugins/shared_preferences)
- Logs (
- website and documentation (
/website//docs)
Getting started
Please refer to our Getting Started guide to set up Flipper.
Requirements
- node >= 8
- yarn >= 1.5
- iOS developer tools (for developing iOS plugins)
- Android SDK and adb
Building from Source
Desktop
Running from source
git clone https://github.com/facebook/flipper.git
cd flipper/desktop
yarn
yarn start
NOTE: If you're on Windows, you need to use Yarn 1.5.1 until this issue is resolved.
Building standalone application
Provide either --mac, --win, --linux or any combination of them
to yarn build to build a release zip file for the given platform(s). E.g.
yarn build --mac --version $buildNumber
You can find the resulting artifact in the dist/ folder.
iOS SDK + Sample App
cd iOS/Sample
rm -f Podfile.lock
pod install --repo-update
open Sample.xcworkspace
<Run app from xcode>
You can omit --repo-update to speed up the installation, but watch out as you may be building against outdated dependencies.
Android SDK + Sample app
Start up an android emulator and run the following in the project root:
./gradlew :sample:installDebug
React Native SDK + Sample app
cd react-native/ReactNativeFlipperExample
yarn
yarn android
Note that the first 2 steps need to be done only once.
Alternatively, the app can be started on iOS by running yarn ios.
Troubleshooting
Older yarn versions might show an error / hang with the message 'Waiting for the other yarn instance to finish'. If that happens, run the command yarn first separately in the directory react-native/react-native-flipper.
Documentation
Find the full documentation for this project at fbflipper.com.
Our documentation is built with Docusaurus. You can build it locally by running this:
cd website
yarn
yarn start
Contributing
See the CONTRIBUTING file for how to help out.
License
Flipper is MIT licensed, as found in the LICENSE file.