Motivation

Facebook has developed this cool Open Source tool to detect bugs in Java and C/C++/Objective-C code and it will be a great addition to huskyCI analysis.

It would be great if

We have all the necessary code to scan these new languages!

What we expect

• A working container of Infer that outputs a JSON after running the analysis in a particular folder. Similar to this to be uploaded to Docker Hub as huskyci/infer:latest.
• Add into config.yaml commands needed to run inside the securityTest container.
• Adjust context.go to have the new Infer securityTest configs.
• Add new error messages related to Infer in messagecodes.go.
• Add a new file into securitytest package and adjust its logic to now handle Infer output.
• Add new code into client analysis package to print to STDOUT Infer results.

Tips

• Search how a particular securityTest work and apply the same logic (Ctrl + F + "bandit" will do 🙃).