Update version and CHANGELOG for new release: 0.9.0. (#446)

CHANGELOG.md

@@ -10,15 +10,55 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
 
 ### Changed
 
+### Fixed
+
+### Removed
+
+## v0.9.0 - 2022-09-12
+
+### Added
+
+- The new `--level` flag can be set on the command line and will override all other levels, even non-default levels
+  specified in a `--profile` flag when running Statick.
+  The expectation is that a user setting the `--level` flag will explicitly want that level for the entire Statick run
+  (single package or multiple packages in a workspace).
+  If separate levels are desired per package then the user should not use the `--level` flag. (#429, #436)
+- Ubuntu 22.04 is now included in the main test environment matrix when running GitHub Actions. (#444)
+- The `--timings` flag will print timing information to the console after a Statick run.
+  Timing information is available for file discovery, for each individual plugin, and for overall duration. (#443)
+
+### Changed
+
 - Default behavior for Statick will now run all available discovery plugins, and run all tool plugins where
-  their desired source files are available, then output results only on the terminal. (#432, #435)
+  their desired source files are available, then output results only on the terminal.
   The old default behavior was to run the "sei_cert" profile, this is still doable via either of the
-  following arguments: `--profile sei_cert.yaml` or `--level sei_cert`
-
-### Fixed
+  following arguments: `--profile sei_cert.yaml` or `--level sei_cert`. (#432, #435)
+- When running unit tests with tox, Statick uses pytest-flake8.
+  A recent upstream bug causes issues when using the latest version of pytest-flake8.
+  Statick is now pinning the version of pytest-flake8 to the previous major version.
+  Details of the upstream issue are at tholo/pytest-flake8#87. (#440)
+- Updated configuration files that come with Statick to use the recommended list format when specifying plugins on
+  the `inherits_from` setting. (#427)
+
+### Fixed
+
+- CMake discovery plugin and cmakelint tool plugin handle files with .cmake extension. (#434)
+  - This follows the CMake manual at <https://cmake.org/cmake/help/latest/manual/cmake-language.7.html#organization>.
+    > CMake input files are written in the "CMake Language" in source files named CMakeLists.txt or ending in a
+    > .cmake file name extension.
+- Support latest PyPI version of mypy.
+  Required removing a mypy ignore comment. (#437)
+- The ROS discovery plugin was setting the file type of the package to a boolean value rather than a string describing
+  the actual file type.
+  Mixing types between packages caused bugs in tool plugins.
+  The ROS discovery plugin now acts consistently with other discovery plugins. (#439)
 
 ### Removed
 
+- Usage of `inherits_from` flag in configuration files as a string is no longer supported.
+  The levels specified in `inherits_from` must now be in list format.
+  The string usage has been deprecated since v0.7.1. (#427)
+
 ## v0.8.1 - 2022-06-06
 
 ### Fixed

README.md

@@ -28,40 +28,43 @@ Statick is a plugin-based tool with an explicit goal to support external, option
 
 ## Table of Contents
 
-* [Installation](#installation)
-* [Basic Usage](#basic-usage)
-* [Concepts](#contents)
-  * [Discovery](#discovery)
-  * [Tools](#tools)
-  * [Reporting](#reporting)
-* [Basic Configuration](#basic-configuration)
-  * [Levels](#levels)
-  * [Profiles](#profiles)
-  * [Exceptions](#exceptions)
-* [Advanced Installation](#advanced-installation)
-* [Existing Plugins](#existing-plugins)
-  * [Discovery Plugins](#discovery-plugins)
-  * [Tool Plugins](#tool-plugins)
-  * [Reporting Plugins](#reporting-plugins)
-  * [External Plugins](#external-plugins)
-* [Customization](#customization)
-  * [User Paths](#user-paths)
-  * [Custom Profile](#custom-profile)
-  * [Custom Configuration](#custom-configuration)
-  * [Custom Cppcheck Configuration](#custom-cppcheck-configuration)
-  * [Custom CMake Flags](#custom-cmake-flags)
-  * [Custom Clang Format Configuration](#custom-clang-format-configuration)
-* [Custom Plugins](#custom-plugins)
-* [ROS Workspaces](#ros-workspaces)
-* [Examples](#examples)
-* [Troubleshooting](#troubleshooting)
-  * [Make Tool Plugin](#make-tool-plugin)
-  * [CMake Discovery Plugin](#cmake-discovery-plugin)
-* [Contributing](#contributing)
-  * [Tests](#tests)
-  * [Mypy](#mypy)
-  * [Formatting](#formatting)
-* [Original Author](#original-author)
+- [Statick](#statick)
+  - [Table of Contents](#table-of-contents)
+  - [Installation](#installation)
+  - [Basic Usage](#basic-usage)
+  - [Concepts](#concepts)
+    - [Discovery](#discovery)
+    - [Tools](#tools)
+    - [Reporting](#reporting)
+  - [Basic Configuration](#basic-configuration)
+    - [Levels](#levels)
+    - [Profiles](#profiles)
+    - [Exceptions](#exceptions)
+    - [Timings](#timings)
+  - [Advanced Installation](#advanced-installation)
+  - [Existing Plugins](#existing-plugins)
+    - [Discovery Plugins](#discovery-plugins)
+    - [Tool Plugins](#tool-plugins)
+    - [Reporting Plugins](#reporting-plugins)
+    - [External Plugins](#external-plugins)
+  - [Customization](#customization)
+    - [User Paths](#user-paths)
+    - [Custom Profile](#custom-profile)
+    - [Custom Configuration](#custom-configuration)
+    - [Custom Cppcheck Configuration](#custom-cppcheck-configuration)
+    - [Custom CMake Flags](#custom-cmake-flags)
+    - [Custom Clang Format Configuration](#custom-clang-format-configuration)
+  - [Custom Plugins](#custom-plugins)
+  - [Examples](#examples)
+  - [ROS Workspaces](#ros-workspaces)
+  - [Troubleshooting](#troubleshooting)
+    - [Make Tool Plugin](#make-tool-plugin)
+    - [CMake Discovery Plugin](#cmake-discovery-plugin)
+  - [Contributing](#contributing)
+    - [Tests](#tests)
+    - [Mypy](#mypy)
+    - [Formatting](#formatting)
+  - [Original Author](#original-author)
 
 ## Installation
 
@@ -120,9 +123,9 @@ The term _package_ is still used to designate a directory with source code.
 
 When Statick is invoked there are three major steps involved:
 
-* _Discover_ source code files in each _package_ and determine what programming language the files are written in.
-* Run all configured _tools_ against source files that the individual _tool_ can analyze to find issues.
-* _Report_ the results.
+- _Discover_ source code files in each _package_ and determine what programming language the files are written in.
+- Run all configured _tools_ against source files that the individual _tool_ can analyze to find issues.
+- _Report_ the results.
 
 The default behavior for Statick is to return an exit code of success unless Statick has an internal error.
 It can be useful to have Statick return an exit code indicating an error if any issues are found.
@@ -271,16 +274,20 @@ Carnegie Mellon University Software Engineering Institute
 The rules and flags can be found in the
 [SEI CERT C/C++ Analyzers](https://wiki.sei.cmu.edu/confluence/display/cplusplus/CC.+Analyzers) chapter.
 
+Using the `--level` flag when running Statick will result in that specific level running for all packages regardless
+of what the `--profile` is set to.
+The specified _level_ from the `--level` flag must exist in the default configuration file or a custom configuration file.
+
 ### Exceptions
 
 _Exceptions_ are used to ignore false positive warnings or warnings that will not be corrected.
 This is a very important part of Statick, as many _tools_ are notorious for generating false positive warnings,
 and sometimes source code in a project is not allowed to be modified for various reasons.
 Statick allows _exceptions_ to be specified in three different ways:
 
-* Placing a comment with `NOLINT` on the line of source code generating the warning.
-* Using individual _tool_ methods for ignoring warnings (such as adding `# pylint: disable=<warning>`in Python source code).
-* Via an `excpetions.yaml` file.
+- Placing a comment with `NOLINT` on the line of source code generating the warning.
+- Using individual _tool_ methods for ignoring warnings (such as adding `# pylint: disable=<warning>`in Python source code).
+- Via an `excpetions.yaml` file.
 
 ```yaml
 global:
@@ -337,6 +344,62 @@ level of the yaml.
 
 The `ignore_packages` key is a list of package names that should be skipped when running Statick.
 
+### Timings
+
+Use of the `--timings` flag will print timing information to the console.
+The information is provided for file discovery, for each individual plugin, and for overall duration.
+Example output is
+
+```shell
+$ statick . --output-directory /tmp/x --timings
+
++---------+------------------+-------------+----------+
+| package |       name       | plugin_type | duration |
++---------+------------------+-------------+----------+
+| statick |    find files    |  Discovery  |  6.7783  |
+| statick |       ros        |  Discovery  |  0.0001  |
+| statick |      cmake       |  Discovery  |  0.0006  |
+| statick |       yaml       |  Discovery  |  0.0034  |
+| statick |       java       |  Discovery  |  0.0007  |
+| statick |        C         |  Discovery  |  0.0023  |
+| statick |      shell       |  Discovery  |  0.0016  |
+| statick |      groovy      |  Discovery  |  0.0006  |
+| statick |       perl       |  Discovery  |  0.0004  |
+| statick |       xml        |  Discovery  |  0.0006  |
+| statick |      python      |  Discovery  |  0.0020  |
+| statick |      maven       |  Discovery  |  0.0092  |
+| statick |    perlcritic    |    Tool     |  0.0000  |
+| statick |     cpplint      |    Tool     |  0.0000  |
+| statick |       make       |    Tool     |  0.0000  |
+| statick |    clang-tidy    |    Tool     |  0.0000  |
+| statick |      bandit      |    Tool     |  0.7980  |
+| statick |    groovylint    |    Tool     |  3.0717  |
+| statick |     pyflakes     |    Tool     |  4.3773  |
+| statick |   clang-format   |    Tool     |  0.0063  |
+| statick |   pycodestyle    |    Tool     |  2.5456  |
+| statick |      black       |    Tool     |  5.0089  |
+| statick |      lizard      |    Tool     |  0.6869  |
+| statick |       cccc       |    Tool     |  0.0000  |
+| statick |     cppcheck     |    Tool     |  0.0163  |
+| statick |     xmllint      |    Tool     |  0.0050  |
+| statick |      pylint      |    Tool     | 55.3768  |
+| statick |   catkin_lint    |    Tool     |  0.0000  |
+| statick |    shellcheck    |    Tool     |  0.0736  |
+| statick |     yamllint     |    Tool     |  2.2244  |
+| statick |    do_nothing    |    Tool     |  0.0000  |
+| statick |     spotbugs     |    Tool     |  0.0002  |
+| statick |      isort       |    Tool     |  3.6416  |
+| statick |    flawfinder    |    Tool     |  0.0000  |
+| statick |       mypy       |    Tool     |  0.0022  |
+| statick |    uncrustify    |    Tool     |  0.0001  |
+| statick |    pydocstyle    |    Tool     |  4.8751  |
+| statick |    cmakelint     |    Tool     |  0.0249  |
+| statick |   docformatter   |    Tool     |  0.0020  |
+| statick | print_to_console |  Reporting  |  0.0318  |
+| Overall |                  |             | 89.6734  |
++---------+------------------+-------------+----------+
+```
+
 ## Advanced Installation
 
 To install Statick from source on your system and make it part of your `$PATH`:
@@ -604,18 +667,18 @@ Statick looks for a `setup.py` or `pyproject.toml` file in a directory to identi
 
 For example, suppose you have the following directory layout for the workspace.
 
-* /home/user/ws
-  * src
-    * python_package1
-    * ros_package1
-    * ros_package2
-    * subdir
-      * python_package2
-      * ros_package3
-      * ros_package4
-      * ros_package5
-  * build
-  * devel
+- /home/user/ws
+  - src
+    - python_package1
+    - ros_package1
+    - ros_package2
+    - subdir
+      - python_package2
+      - ros_package3
+      - ros_package4
+      - ros_package5
+  - build
+  - devel
 
 Statick should be run against the workspace source directory.
 Note that you can provide relative paths to the source directory.

statick_tool/__init__.py

@@ -1,3 +1,3 @@
 """Making code quality easier."""
 
-__version__ = "0.8.1"
+__version__ = "0.9.0"