cppcheck-sarif

cppcheck-sarif is a converter which converts cppcheck xml report to Static Analysis Results Interchange Format (SARIF).

Build

go build .

Example usage

cppcheck --xml --output-file=report.xml .
cppcheck-sarif -output report.sarif report.xml

Use errorlist.xml instead of embedded one

cppcheck --errorlist > errorlist.xml
cppcheck --xml --output-file=report.xml .
cppcheck-sarif -errorlist errorlist.xml -output report.sarif report.xml

GitHub Action usage

name: cppcheck

on:
  push:
    branches:
      - master

jobs:
  upload-sarif:
    runs-on: ubuntu-24.04
    permissions:
      security-events: write
      actions: read
      contents: read
    steps:
      - uses: actions/checkout@v4

      - run: |
          sudo apt-get install -y cppcheck

      - run: |
          cppcheck --enable=all --xml --output-file=report.xml .

      - uses: Flast/cppcheck-sarif@v2
        with:
          input: report.xml
          output: report.sarif

      - uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: report.sarif
          category: cppcheck

Name		Name	Last commit message	Last commit date
Latest commit History 22 Commits
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
action.yml		action.yml
cppcheck-sarif.go		cppcheck-sarif.go
errorlist.xml		errorlist.xml
go.mod		go.mod
go.sum		go.sum

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

cppcheck-sarif

Build

Example usage

Use errorlist.xml instead of embedded one

GitHub Action usage

References

About

Languages

License

Flast/cppcheck-sarif

Folders and files

Latest commit

History

Repository files navigation

cppcheck-sarif

Build

Example usage

Use errorlist.xml instead of embedded one

GitHub Action usage

References

About

Topics

Resources

License

Stars

Watchers

Forks

Languages