Skip to content

Harden CI with Release builds, warnings-as-errors, sanitizers, and fuzzing #74

Description

@AlexJuca

Context

Current CI builds Debug on macOS and Ubuntu and runs the existing CTest suite. For production readiness, CI should catch undefined behavior, memory errors, warning regressions, and parser bugs before merge.

Relevant code:

  • .github/workflows/cmake-multi-platform.yml
  • CMakeLists.txt

Scope

  • Add Release build coverage in CI.
  • Add strict warnings (-Wall -Wextra -Wpedantic) and a warnings-as-errors CI profile.
  • Add sanitizer jobs: ASan, UBSan, and LeakSanitizer where supported.
  • Make static analysis actionable: fail CI on high-severity findings or publish clear SARIF/artifacts.
  • Add fuzzing harnesses for protocol frame parsing and command handlers, ideally runnable locally and in CI.
  • Fix CMake standard configuration so C23 is actually applied consistently.

Acceptance criteria

  • CI runs Debug and Release builds on Linux and macOS.
  • Sanitizer jobs pass on the test suite.
  • Warning regressions fail at least one CI job.
  • Protocol fuzz target exists and can run in a bounded CI mode.
  • CodeChecker/static-analysis output is generated from the correct path and not silently ignored for severe findings.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions