---
# All generic Clang-Tidy check are enabled by default, meaning project-specific
# checks are disabled. From there, unrelevant checks are disable on a
# check-by-check basis.
#
# Disabled checks:
# - bugprone-assignment-in-if-condition
#   To use very carefully.
# - bugprone-easily-swappable-parameters
#   Too many false positives, especially when swapable arguments are of different
#   types (which will be flagged by the compiler).
# - cert-dcl03-c
#   We use bf_assert(0) for impossible default in switch...case.
# - cert-dcl37-c
#   Handled by bugprone-reserved-identifier.AllowedIdentifiers.
# - cert-dcl51-cpp
#   Handled by bugprone-reserved-identifier.AllowedIdentifiers.
# - cert-int09-c
#   See readibility-enum-initial-value
# - cert-msc30-c, cert-msc50-cpp
#   rand() is used for non-secure randomness, let me use it.
# - clang-analyzer-core.CallAndMessage
#   Too many false positives with GCC statement expressions.
# - clang-analyzer-deadcode.DeadStores
#   False positives when a bf_jmpctx with cleanup attribute is defined (but
#   not initialized) and initialized later on.
# - clang-analyzer-optin.core.EnumCastOutOfRange
#   We need to use negative enum values to refer to specific counters (errors
#   and policy), while the positive values refers to the counters. We can't
#   create an enum value for every possible counter index, so clang-tidy will
#   complain the value doesn't exist. Which is true. But it's expected.
# - clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling
#   Avoid usage of Annex K functions for portability reasons.
# - clang-analyzer-unix.Malloc
#   Generates false positives.
# - misc-include-cleaner
#   False positives, e.g. with errno.h: E* macros are not directly defined in it,
#   but it's the header we should include.
# - misc-no-recursion
#   Let me use recursion.
# - misc-redundant-expression
#   Macros having the same values can't be or'd without a warning.
# - misc-static-assert
#   We use bf_assert(0) for impossible default in switch...case.
# - modernize-macro-to-enum
#   No benefit.
# - modernize-use-trailing-return-type
#   No benefit.
# - performance-no-int-to-ptr
#   No benefit.
# - readability-enum-initial-value
#   clang-tidy complains because the X_MAX value of the enums is not defined
#   explicitly, while other are. We prefer to do it this way.
# - readability-function-cognitive-complexity
#   Functions generating BPF bytecode will trigger this rule anytime, but they're
#   not that complex due to heavy use of macros.
# - readability-isolate-declaration
#   Rely on manual check: it's uncommon in bpfilter for multiple variable to be
#   defined on a single line, but it's sometimes for the better.
# - readability-suspicious-call-argument
#   Raises non-issues.
Checks: >
  -*,
  bugprone-*,
    -bugprone-assignment-in-if-condition,
    -bugprone-easily-swappable-parameters,
  cert-*,
    -cert-dcl03-c,
    -cert-dcl37-c,
    -cert-dcl51-cpp,
    -cert-int09-c,
    -cert-msc30-c,
    -cert-msc50-cpp,
  clang-analyzer-*,
    -clang-analyzer-core.CallAndMessage,
    -clang-analyzer-deadcode.DeadStores,
    -clang-analyzer-optin.core.EnumCastOutOfRange,
    -clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling,
    -clang-analyzer-unix.Malloc,
  misc-*,
    -misc-include-cleaner,
    -misc-no-recursion,
    -misc-redundant-expression,
    -misc-static-assert,
  modernize-*,
    -modernize-macro-to-enum,
    -modernize-use-trailing-return-type,
  performance-*,
    -performance-no-int-to-ptr,
  portability-*,
  readability-*,
    -readability-enum-initial-value,
    -readability-function-cognitive-complexity,
    -readability-isolate-declaration,
    -readability-suspicious-call-argument

WarningsAsErrors: "*"
FormatStyle: none
UseColor: yes

CheckOptions:
  # Allow use of reserved identifier was (_)+ underscore, followed by a bpfilter
  # specific prefix (.e.g _BF). Other idenfitiers defined by GCC are allowed,
  # such as _start, _end...
  - key: bugprone-reserved-identifier.AllowedIdentifiers
    value: "^(_)+(start|stop|bf|bfc|bft|BF|BFC|GNU)_[a-zA-Z0-9_]+$"
  - key: misc-non-private-member-variables-in-classes.IgnorePublicMemberVariables
    value: true
  # Unless a *statement* takes 1 line, it should be in braces
  - key: readability-braces-around-statements.ShortStatementLines
    value: 6
  # Allowed short variable names
  - key: readability-identifier-length.IgnoredVariableNames
    value: "_|i|fd|r|j[0-9]|op|ns|n"
  # Allowed short parameter names
  - key: readability-identifier-length.IgnoredParameterNames
    value: "ip|fd|op|id|cb|ns|n"
  # Allow for magic constants that are power of 2.
  - key: readability-magic-numbers.IgnorePowersOf2IntegerValues
    value: true
  # Allow specific masks
  - key: readability-magic-numbers.IgnoredIntegerValues
    value: 255;65535;100
