-
Notifications
You must be signed in to change notification settings - Fork 229
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow users to pass project args to the "static-analysis" cppcheck reusable workflow #607
Closed
3 tasks done
Labels
Comments
jphickey
added a commit
to jphickey/cFS
that referenced
this issue
Nov 2, 2022
Updates the static analysis workflow: - Make it work with the latest Ubuntu and Cppcheck - Allow callers to pass in a project configuration to get "real" macro definitions and include paths - Streamlined - only generate XML outputs, then use XSLT to convert that to text, rather than running the tool twice. - Streamlined - merge the two XML outputs into one, before converting to sarif and uploading - Streamlined - Call the sarif conversion tool directly, rather than going through a 3rd party action.
2 tasks
jphickey
added a commit
to jphickey/cFS
that referenced
this issue
Nov 2, 2022
jphickey
added a commit
to jphickey/cFS
that referenced
this issue
Nov 2, 2022
jphickey
added a commit
to jphickey/cFS
that referenced
this issue
Nov 2, 2022
jphickey
added a commit
to jphickey/cFS
that referenced
this issue
Nov 2, 2022
jphickey
added a commit
to jphickey/cFS
that referenced
this issue
Nov 2, 2022
jphickey
added a commit
to jphickey/cFS
that referenced
this issue
Nov 2, 2022
jphickey
added a commit
to jphickey/cFS
that referenced
this issue
Nov 2, 2022
jphickey
added a commit
to jphickey/cFS
that referenced
this issue
Nov 2, 2022
jphickey
added a commit
to jphickey/cFS
that referenced
this issue
Nov 2, 2022
jphickey
added a commit
to jphickey/cFS
that referenced
this issue
Nov 3, 2022
Updates the static analysis workflow: - Make it work with the latest Ubuntu and Cppcheck - Allow callers to pass in a project configuration to get "real" macro definitions and include paths - Streamlined - only generate XML outputs, then use XSLT to convert that to text, rather than running the tool twice. - Streamlined - merge the two XML outputs into one, before converting to sarif and uploading - Streamlined - Call the sarif conversion tool directly, rather than going through a 3rd party action.
This was referenced Nov 3, 2022
dzbaker
added a commit
that referenced
this issue
Nov 3, 2022
Fix #607, rework static-analysis workflow
jphickey
added a commit
that referenced
this issue
Sep 11, 2023
Updates the static analysis workflow: - Make it work with the latest Ubuntu and Cppcheck - Allow callers to pass in a project configuration to get "real" macro definitions and include paths - Streamlined - only generate XML outputs, then use XSLT to convert that to text, rather than running the tool twice. - Streamlined - merge the two XML outputs into one, before converting to sarif and uploading - Streamlined - Call the sarif conversion tool directly, rather than going through a 3rd party action.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Checklist (Please check before submitting)
Is your feature request related to a problem? Please describe.
The issue observed in nasa/osal#1324 is due to the fact that cppcheck is being executed in each C source file in isolation. In this case it does not see the definition of
UT_DEFAULT_STUB
and thus does not know how to examine this line.Describe the solution you'd like
cppcheck allows command line options to specify various project-specific preprocessor settings, such as
-D
and-U
options to specify if a macro is set or unset, respectively, as well as-I
option(s) indicating where to find include files.Furthermore, with CMake, the
-DCMAKE_EXPORT_COMPILE_COMMANDS=ON
option causes cmake to export a json file containing the full include path being used, which can then be passed to cppcheck via the--project
option. With this, the code will be examined using the configuration that is actually being compiled.Describe alternatives you've considered
UT_DEFAULT_STUB
, as this will not be checkable unless the definition of this macro is also supplied.Additional context
Using
--project
causes cppcheck to be much more thorough in its results. In particular, it now "sees" thecommon_types.h
file and the ifdef macros that exist in there, and it will check each macro both ways. The upside to this is it finds more potential issues, particularly with ifdef branches that aren't regularly used, but the downside is that it significantly increases the runtime of cppcheck as it tests all the permutations. This may need to be limited if it becomes excessive.Requester Info
Joseph Hickey, Vantage Systems, Inc.
The text was updated successfully, but these errors were encountered: