diff --git a/.github/workflows/cppcheck.yml b/.github/workflows/cppcheck.yml index 03c54895..4920a549 100644 --- a/.github/workflows/cppcheck.yml +++ b/.github/workflows/cppcheck.yml @@ -26,5 +26,4 @@ jobs: - name: Run cppcheck shell: bash run: | - chmod +x ./scripts/run_cppcheck.sh ./scripts/run_cppcheck.sh diff --git a/.gitignore b/.gitignore index 9552ba03..d6056bf6 100644 --- a/.gitignore +++ b/.gitignore @@ -8,3 +8,6 @@ __pycache__/ *.code-workspace *.orig settings.json + +# Development Artifacts +cppcheck_output.txt diff --git a/scripts/run_cppcheck.sh b/scripts/run_cppcheck.sh index ea0af8c1..a6761b55 100755 --- a/scripts/run_cppcheck.sh +++ b/scripts/run_cppcheck.sh @@ -9,201 +9,86 @@ if [ ! -d "$SRC_DIR/build" ] || [ ! -f "$SRC_DIR/build/compile_commands.json" ]; cmake -B "$SRC_DIR/build" -DCMAKE_EXPORT_COMPILE_COMMANDS=ON fi -echo "=== Running Static Analysis ===" +echo "Running Static Analysis..." echo # Create a function to generate the summary generate_summary() { { + # Initialize flag + has_critical_issues=false + + echo + + # Always generate and display summary regardless of exit code echo "=== Static Analysis Summary ===" echo - + + # Display critical issues echo "Critical Issues (Errors & Warnings):" echo "-----------------------------------" grep -E "error:|warning:" cppcheck_output.txt | grep -v "Checking " | grep -v "nofile:0:" | \ sort | uniq | awk -F': ' '{printf "%-40s %s\n", $1, $4}' || echo "None found" echo - + + # Display performance issues echo "Performance & Portability Issues:" echo "--------------------------------" grep -E "performance:|portability:" cppcheck_output.txt | grep -v "Checking " | \ sort | uniq | awk -F': ' '{printf "%-40s %s\n", $1, $4}' || echo "None found" echo - - echo "Issue Count by Severity:" - echo "------------------------" - for sev in error warning performance portability style information; do - count=$(grep -c "${sev}:" cppcheck_output.txt || echo 0) - printf "%-12s %d issues\n" "${sev^^}:" "$count" + + # Count issues by severity + echo " Issue Count by Severity: " + echo "--------------------------" + for sev in error warning performance portability style missingInclude information debug; do + count=$(grep -c "${sev}:" cppcheck_output.txt) || true + printf "%-15s %3d issues\n" "${sev^^}:" "$count" + + # Check if 'sev' is 'error' or 'warning' and if 'count' is greater than 0 + if [[ "$sev" == "error" || "$sev" == "warning" ]] && [ "$count" -gt 0 ]; then + has_critical_issues=true + fi done echo - - if [ $CPPCHECK_EXIT_CODE -ne 0 ]; then + + # Display status and details + if [ $has_critical_issues ]; then echo "Status: FAILED - Critical issues found" echo - echo "Critical Issues Details:" - echo "------------------------" - grep -E "error:|warning:" cppcheck_output.txt | grep -v "Checking " | grep -v "nofile:0:" | \ - sort | uniq || echo "None found" + echo "Review and fix critical issues before proceeding" else echo "Status: PASSED - No critical issues found" + echo echo "Note: Review non-critical issues for potential improvements" fi - } | tee summary.txt + } + + # Return 1 if critical issues found, 0 otherwise + if $has_critical_issues; then + return 1 + else + return 0 + fi } -# Run cppcheck and capture output # Run cppcheck and capture output and exit code cppcheck \ --enable=all \ - --check-level=exhaustive \ --inconclusive \ --std=c11 \ --force \ --inline-suppr \ - --suppress=missingIncludeSystem \ - --suppress=nullPointerRedundantCheck:*/n_cjson.c \ - --suppress=ctunullpointer:*/n_cjson.c \ --suppress=unusedFunction \ - --suppress=unmatchedSuppression \ - --suppress=style \ - --suppress=information \ - --suppress=syntaxError:test/* \ - --suppress=unknownMacro:test/* \ - -I test/include \ + -i test \ + -i build/_deps \ --template="{file}:{line}: {severity}: {id}: {message}" \ --max-configs=32 \ --check-library \ --debug-warnings \ - --error-exitcode=1 \ . 2>&1 | tee cppcheck_output.txt -CPPCHECK_EXIT_CODE=${PIPESTATUS[0]} - -# Always generate and display summary regardless of exit code -echo -echo "=== Static Analysis Summary ===" -echo - -# Display critical issues -echo "Critical Issues (Errors & Warnings):" -echo "-----------------------------------" -grep -E "error:|warning:" cppcheck_output.txt | grep -v "Checking " | grep -v "nofile:0:" | \ - sort | uniq | awk -F': ' '{printf "%-40s %s\n", $1, $4}' || echo "None found" -echo - -# Display performance issues -echo "Performance & Portability Issues:" -echo "--------------------------------" -grep -E "performance:|portability:" cppcheck_output.txt | grep -v "Checking " | \ - sort | uniq | awk -F': ' '{printf "%-40s %s\n", $1, $4}' || echo "None found" -echo - -# Count issues by severity -echo "Issue Count by Severity:" -echo "------------------------" -for sev in error warning performance portability style information; do - count=$(grep -c "${sev}:" cppcheck_output.txt || echo 0) - printf "%-12s %d issues\n" "${sev^^}:" "$count" -done -echo - -# Display status and details -if [ $CPPCHECK_EXIT_CODE -ne 0 ]; then - echo "Status: FAILED - Critical issues found" - echo - echo "Critical Issues Details:" - echo "------------------------" - grep -E "error:|warning:" cppcheck_output.txt | grep -v "Checking " | grep -v "nofile:0:" | \ - sort | uniq || echo "None found" - echo -fi - -# Exit with cppcheck's status code -exit $CPPCHECK_EXIT_CODE - -# Generate and display summary -echo -echo "=== Static Analysis Summary ===" -echo - -# Display critical issues -echo "Critical Issues (Errors & Warnings):" -echo "-----------------------------------" -grep -E "error:|warning:" cppcheck_output.txt | grep -v "Checking " | grep -v "nofile:0:" | \ - sort | uniq | awk -F': ' '{printf "%-40s %s\n", $1, $4}' || echo "None found" -echo - -# Display performance issues -echo "Performance & Portability Issues:" -echo "--------------------------------" -grep -E "performance:|portability:" cppcheck_output.txt | grep -v "Checking " | \ - sort | uniq | awk -F': ' '{printf "%-40s %s\n", $1, $4}' || echo "None found" -echo - -# Count issues by severity -echo "Issue Count by Severity:" -echo "------------------------" -for sev in error warning performance portability style information; do - count=$(grep -c "${sev}:" cppcheck_output.txt || echo 0) - printf "%-12s %d issues\n" "${sev^^}:" "$count" -done -echo - -# Display status and details -if [ $CPPCHECK_EXIT_CODE -ne 0 ]; then - echo "Status: FAILED - Critical issues found" - echo - echo "Critical Issues Details:" - echo "------------------------" - grep -E "error:|warning:" cppcheck_output.txt | grep -v "Checking " | grep -v "nofile:0:" | \ - sort | uniq || echo "None found" -else - echo "Status: PASSED - No critical issues found" - echo "Note: Review non-critical issues for potential improvements" -fi - -# Exit with cppcheck's status code -exit $CPPCHECK_EXIT_CODE - -echo -echo "=== Static Analysis Summary ===" -echo - -# Display critical issues -echo "Critical Issues (Errors & Warnings):" -echo "-----------------------------------" -grep -E "error:|warning:" cppcheck_output.txt | grep -v "Checking " | grep -v "nofile:0:" | \ - sort | uniq | awk -F': ' '{printf "%-40s %s\n", $1, $4}' || echo "None found" -echo -# Display performance issues -echo "Performance & Portability Issues:" -echo "--------------------------------" -grep -E "performance:|portability:" cppcheck_output.txt | grep -v "Checking " | \ - sort | uniq | awk -F': ' '{printf "%-40s %s\n", $1, $4}' || echo "None found" -echo - -# Count issues by severity -echo "Issue Count by Severity:" -echo "------------------------" -for sev in error warning performance portability style information; do - count=$(grep -c "${sev}:" cppcheck_output.txt || echo 0) - printf "%-12s %d issues\n" "${sev^^}:" "$count" -done -echo - -# Display status and details -if [ $CPPCHECK_EXIT_CODE -ne 0 ]; then - echo "Status: FAILED - Critical issues found" - echo - echo "Critical Issues Details:" - echo "------------------------" - grep -E "error:|warning:" cppcheck_output.txt | grep -v "Checking " | grep -v "nofile:0:" | \ - sort | uniq || echo "None found" -else - echo "Status: PASSED - No critical issues found" - echo "Note: Review non-critical issues for potential improvements" -fi +generate_summary # Exit with cppcheck's status code -exit $CPPCHECK_EXIT_CODE +exit $?