g++ doesn't emit these warnings properly, so the `run-gcc` tool, which
compiles code as C++, doesn't work for all of these. There are a few
builds that do use GCC, e.g. the sonar-scan build, so these flags will
be passed at some point in CI.
These help static analysis and ubsan. We should eventually have all
functions annotated like this with a cimple check to make sure every
pointer has an explicit nullability annotation. The `nullable`
annotation does nothing in GCC, but will be used by cimple to validate
that every parameter has defined nullability.
- Use one node list and public bootstrap function for all autotests
- Use ifdefs for testnet/mainnet nodes
- Replace a few broken nodes with working ones
We can't run this on pull requests because it needs access to the
`SONAR_TOKEN` secret. Perhaps in the future we can make it a
`pull_request_target` workflow, but then we can't use cmake to initialise
the environment, meaning we need to specify the inputs manually.
