by johnisgood 230 days ago
Yes you are.

I always use "-std=c99 -Wall -Wextra -Wpedantic -Werror". You could replace "-Wpedantic" with "-pedantic" though (it is more supported). You may omit "-Werror".

Sometimes I also use "-D_XOPEN_SOURCE=700" and "-D_FORTIFY_SOURCE=2" along with "-fstack-protector-strong".

For debug builds you want "-O0 -g" at the very least.

I also have a make target that uses "scan-build", "cppcheck", and "clang-tidy".

1 comments

While we are at it, here are some more useful warning flags I have used: https://github.com/cpp-best-practices/cppbestpractices/blob/.... Some are C++-only though, some are a bit opinionated (like -Wsign-conversion), and some useful C-only flags might be missing.

A few C-specific references I found just now, but haven't tried myself yet:

https://github.com/systemd/systemd/blob/0885e4a6e7ca93d3aef8...

https://github.com/airbus-seclab/c-compiler-security

Also a good idea to regularly run the program with sanitizers; using them in tests is a good way to do that, I think. Why not during development as well, if the performance is acceptable for that specific program?
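
Added example, not part of either comment above: a GNU Makefile that combines the flags from the first comment, its static-analysis make target, and the sanitizer test run suggested in the reply. The layout (`src/*.c` with `main()` in `src/main.c`, `tests/*.c`, `build/`) and the target names are assumptions.

```makefile
# Added example. Assumed layout: src/*.c (main() in src/main.c), tests/*.c, build/.
SRC     := $(wildcard src/*.c)
TESTSRC := $(wildcard tests/*.c)
LIBSRC  := $(filter-out src/main.c,$(SRC))

# Warning set from the first comment; -Werror is optional there, so it can be
WARN     := -std=c99 -Wall -Wextra -Wpedantic
WERROR   ?= -Werror
CPPFLAGS := -D_XOPEN_SOURCE=700

# Debug build: -O0 -g. _FORTIFY_SOURCE is left out here because glibc only
# applies it when optimisation is enabled.
DEBUG_FLAGS   := -O0 -g
# Release build: the hardening flags, with -O2 so that fortify is active.
RELEASE_FLAGS := -O2 -D_FORTIFY_SOURCE=2 -fstack-protector-strong
# Test build: ASan + UBSan; any report aborts the run instead of scrolling past.
SAN_FLAGS     := -O1 -g -fsanitize=address,undefined \
                 -fno-sanitize-recover=all -fno-omit-frame-pointer

.PHONY: debug release check analyze clean

debug:   build/debug/app
release: build/release/app

build/debug/app: $(SRC)
	@mkdir -p $(@D)
	$(CC) $(CPPFLAGS) $(WARN) $(WERROR) $(DEBUG_FLAGS) $^ -o $@

build/release/app: $(SRC)
	@mkdir -p $(@D)
	$(CC) $(CPPFLAGS) $(WARN) $(WERROR) $(RELEASE_FLAGS) $^ -o $@

build/san/tests: $(LIBSRC) $(TESTSRC)
	@mkdir -p $(@D)
	$(CC) $(CPPFLAGS) $(WARN) $(SAN_FLAGS) $^ -o $@

# Run the test binary under the sanitizers.
check: build/san/tests
	./$<

# Static analysis. Recipes use $(CC), which scan-build overrides via the environment.
analyze:
	scan-build --status-bugs $(MAKE) -B debug
	cppcheck --std=c99 --enable=warning,style,performance,portability --error-exitcode=1 src
	clang-tidy $(SRC) --warnings-as-errors='*' -- $(CPPFLAGS) -std=c99

clean:
	rm -rf build
```

`make WERROR= debug` builds without `-Werror`; `make analyze check` is the combination to run in CI.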