Cppcheck

[ArielSAdamsNASA]

Description

1. Use MISRA addons in the static analysis workflow.
2. Display results as code scanning results rather than artifacts or in another meaningful manner.

Helpful Links http://cppcheck.sourceforge.net/misra.php https://github.com/cucucuck/11/blob/900f5f5aba2f3127e0eff16c5bf9b90abbfd4f9b/spec/fixtures/configs/si/simartin:cppcheck.yml

[ArielSAdamsNASA]

Try to trigger a cppcheck error.

1. Fork cFS
2. Produce an error by changing a file on GitHub
3. Run the static analysis workflow
4. See if the artifacts are not empty

Artifacts: https://github.com/actions/upload-artifact

For questions, submit a new thread: https://github.community/

[0xsninja]

Good news! I was able to trigger an error with the cppcheck. I first ran the check with the original file locally and got no error return. I then modified the code locally and triggered an error cppcheck is designed to pick up and got a hit. I then wanted to check that the static analysis workflow was working correctly so I copied the script to a private repo and tested it with the modified code and got a hit through the artifact. Here is how an artifact looks if it picks up an error. bundle_cppcheck_err.txt

[ArielSAdamsNASA]

MISRA addon example: https://github.com/cucucuck/11/blob/900f5f5aba2f3127e0eff16c5bf9b90abbfd4f9b/spec/fixtures/configs/si/simartin:cppcheck.yml

[0xsninja]

MISRA Text File MISRA_Rules_Complete.txt

[0xsninja]

If that file does not work this one might work. I just removed the D.x.x rules so it starts with rule 1.1 MISRA_Rules_v2.txt